Security News Article Week 4
German law makes hacking a punishable crime
This article is significant to international IT security. Computer crime is on the rise and governments all over the world are attempting to deal with cyber criminals through legislation. The German government is considering a new law that would make hacking a punishable crime. According to the article, the new law would tighten existing German law which prohibits attacks on computer systems. The new law defines hacking as the penetration of a computer system gaining access to secure data (access even if data is not stolen). The violators of the new law would face up to 10 years in prison. The law also makes it illegal for anyone to manufacture, disseminate, or buy tools that are designed for illegal purpose.
The new German law has both bad and good implications:
· As noted by the article, companies would not be allowed to hire consultants who could legally conduct penetration testing. “Good” hackers, also known as “white hats” who work for security companies would be restricted by the law. Companies would have trouble testing security controls. This will provide an advantage to would be hackers who would seek to circumvent German law by launching attacks from a country where uniformity of law and jurisdictional differences exists.
· The new law would assist in the prosecution of hackers in both Germany and internationally. This is important because the law may hinder would be cyber criminals from launching cyber hacks/attacks from German soil.
References:
Krutz and Vines; The CISSP Prep Guide, Wiley, 2001. ISBN: 0-471-41356-9