Computer Evidence

Michael J L Turner MA FBCS CITP MAE FEWI

e-mail Michael Turner

Print-friendly CV

Tell a colleague!

Anwar Batson, 29, used hacking tool Sentry MBA to attack UK National Lottery operator Camelot's database of 9m customer accounts.

Guilty pleas to four counts under CMA. Jailed for nine months.

Scott Cowley, 27, purchased Imminent Monitor RAT (IM-RAT) that he used to spy on three women's webcams and secretly film them undressing and having sex.

Guilty pleas to four counts under CMA. Jailed for two years and ordered to sign on the Sex Offenders Register and comply with a Sexual Harm Prevention Order for 10 years.

Disgruntled former Jet2 IT contractor Scott Burns, 27, deleted an entire domain's user accounts in a revenge attack that shut down Jet2's systems for 12 hours in January 2018 and accessed the email account of Jet2's chief executive. Recovery from the attack cost the company £165,000.

Guilty pleas to eight counts under CMA. Sentenced to imprisonment for 10 months. Laptop order to be destroyed. Judge referred to the "pernicious and far-reaching impact" of this type of attck.

Swindon Crown Court 23 September 2019

Bray (49) a Director of Camera Security Services Limited Chippenham and her employee Ashford (62) were driven by morbid curiosity and accessed CCTV footage of the post mortem of footballer Emiliano Sala.

Guilty Pleas. Bray sentenced to 14 months in prison and Ashford to 5 months in prison

Convicted hacker (aged 16 at time of TalkTalk attack) Gunton, 19, used a suite of hacking tools to penetrate network providers and take over high profile social media accounts before offering them for sale on hacker forums. Australian telecoms provider Telstra attack yielded an Instagram account with a following of 1.3m users whose credentials were sold on.

Sentenced to 20 months in prison, ordered to pay £407k and given a three and a half year Criminal Behaviour Order

Convicted hacker Watts, 20, used SYN flood DDoS denial of service attacks on GMP and Cheshire police public websites that made them inaccessible. Claimed one attack was in retaliation for a separate conviction for a bomb hoax days after Manchester Arena bombing

Guilty pleas. Sentenced to 16 months in a young offenders' institution, five year restraining order to prevent him from deleting browser history, police inspections and destruction of computers

Westminster Magistrates’ Court 3 July 2019

Serving Met Police officer Sergeant Efobi accessed Met police databases to check progress of a criminal investigation of his own conduct.

Guilty plea to three offences. Sentenced to 12 month community order, 150 hours of community service and payment of £90 victim surcharge and £450 costs

Brandon, 44, stole a user's identity from a Facebook account and used it to send WhatsApp messages with indecent images of himself to 27 women whose mobile numbers he had harvested from Gumtree.

The identity theft victim and his wife were threatened by vigilantes, had their car damaged and were forced to move home.

Guilty plea to 29 charges. Sentenced to 30 months in jail.

Multi-million pound global blackmail conspiracy.

Between 2012 and 2014 Computer Science student Qaiser, 24, planted ransomeware attacks (using Angler Exploit Kit ) on porn websites designed to display threatening warning messages from the FBI or local police force and to lock users' computers (using Reveton or Cryptolocker).

National Crime Agency investigation. Defendant initially claimed that he had been hacked.

Guilty plea to four CMA charges. Sentenced to six years and five months prison.

Widely reported as the UK’s most serious cybercrime case

Willey, who had failed law examinations and with no legal qualifications accessed a barrister colleague's email account to copy his Practising Certificate in order to produce a faked copy in his own name. Practised as a barrister working on 18 cases from October 2017 to June 2018.

Guilty plea. Jailed for two years and three months.

Security researcher Clark, 24, aka Slipstream / Raylee and Hounsell, 26, hacked into Microsoft OS software development systems, downloaded 43,000 files and shared details of their exploits online with other hackers; damage estimated at $2M.

Clark also hacked into Nintendo systems and stole 2,000 user ID credentials; damage estimated at £1.4M.

Autistic Clark pleaded guilty to three CMA charges. Sentenced to 15 month prison sentence suspended for 18 months, rehabilitation activity order (25 days), 5 year serious crime prevention order and £140 victim surcharge.

Hounsell pleaded guilty to one CMA charge. Sentenced to 6 month prison sentence suspended for 18 months, unpaid work order (100 hours) and £115 victim surcharge.

Reading Crown Court 1 March 2019

Court of Appeal (Criminal Division) 18/09/2019

[2019] EWCA Crim 1541

Sacked IT consultant Needham, 36, used a former IT colleague's Login ID to delete client data on his former employer Voova's 23 servers. Losses estimated at £500,000 and several redundancies resulted.

Found guilty. Sentenced to two years in prison

Appeal dismissed

The Register

Warwickshire Police Detective Constable Stephens, 47, used force incident management, intelligence and ANPR SYSTEMS to check colleagues' personal data.

Guilty plea. Sentenced to 12 month community order, ordered to do 150 hours unpaid work and pay £270 costs

Desai, 41, attacked his former employer's computer system and caused " significant disruption and financial loss".

Guilty plea. Sentenced to 15 month prison suspended for two years, ordered to pay compensation of £20,000 and £1,800 of costs.

"Hacker for hire" Kaye, 30, was paid $30,000 by a competitor to attack Liberian mobile phone company Lonestar systems using a zombie botnet to execute DDoS attacks that brought down Lonestar's servers.

Guilty plea. Sentenced to 32 months imprisonment.

Investigation by the NCA’s National Cyber Crime Unit (NCCU)

Civilian employee Denmark, 56, used her privileged access as a control room call handler at Leicestershire Police to access police computer systems to find her son's address.

Guilty plea. Six months community order

Edjeren, 39, attempted to steal the pensions of retired public sector workers in Orange County USA by breaking into their accounts and setting up payments using his own Paypal account. Pension company defrauded of £100,00 and spent £200,00 on fixing their software.

Found guilty of Unauthorised access by a majority verdict. Found guilty of fraud by unanimous verdict. Sentenced to three years in prison.

SEROCU Cyber Crime Unit investigation

Wood Green Crown Court 12 November 2018

Wood Green Crown Court 15 July 2019

Kasim used a former co-worker's login credentials to steal personal details (names, phone numbers, vehicle and accident details) from his former employer's vehicle repair software package.

Guilty plea. Sentenced to six months in prison.

First successful CMA prosecution brought by the Information Commissioner’s Office (ICO)

July 2019 hearing found that Kasim had benefitted financially and ordered to pay a £25,500 confiscation order and £8,000 costs

Central Criminal Court 19 November 2018

Court of Appeal (Criminal Division) 30 January 2019

Hanley, 23, and Allsopp, 21, stole more than 150,000 customer records in the £77 million 2015 attack on TalkTalk website vulnerabilities to DDoS and SQL injection attacks.

Guilty pleas. Hanley sentenced to 12 months jail and Allsopp to eight months

Allsopp's appeal against sentence failed.

Derby Crown Court 26 October 2018

Court of Appeal (Criminal Division) R (Pensions Regulator) v Workchain Ltd [2019] EWCA Crim 1422

Owner/Directors and managers at employment firm Smart Recruitment AKA Workchain Ltd made bogus telephone calls to obtain employees' account IDs. Then used the IDs to log onto the NEST online system to opt the workers out of their pension schemes, thus avoiding the firm making pension payments on their behalf.

All seven defendants pleaded guilty. Owner/Directors Phillip Tong and Adam Hinkley received four month prison terms suspended for two years, ordered to complete 200 hours community service and were ordered to pay costs of £11,250 each. Five managers given suspended sentences and/or ordered to complete community service orders and pay costs.

Workchain LTD was fined £200,000.

Prosecution by The Pensions Regulator. Largest financial penalties to date and first fine of a corporate entity.

On appeal Court of Appeal amended the fine handed down to Workchain from £200,000 to £100,000.

James, 31, hacked into over 30 women's iCloud accounts to take private information and photographs and share them online.

Guilty plea to five s1 counts. Sentenced to eight month concurrent sentences.

Dakri, 22, a temp at Leicestershire Police accessed police systems without authorisation, photographing sensitive police documents relating to her brother in law.

Guilty plea to four counts of unauthorised access to computer material. Sentenced to 12 months in prison.

West, 26, used Brute force attacks (Sentry MBA) in August and September 2017 to target some 100 companies' websites (including Just Eat, Sainsburys, Nectar, Groupon, AO.com, Ladbrokes, Coral betting, Uber, Asda, T mobile and Argos) to harvest tens of thousands of customers' email addresses, passwords and financial data to be sold on the dark web.

Guilty pleas. Sentenced to 10 years eight months in jail.

Leicester Crown Court 06/10/2017

Central Criminal Court 20/04/2018

15 year-old Leicester male founder of Crackas With Attitude (CWA) used Social engineering to target email accounts of US government chiefs including John Brennan (CIA), James Clapper and Mark Giuliano (FBI) and their families.

Guilty plea to eight s1 and two s3 offences. Sentenced to two years in youth detention. Order for seizure of his computers.

BBC

BBC

Telegraph

Guardian

Birmingham Magistrates Court 24/04/2018

PC Denne, 44, accessed Staffordshire Police computer systems to obtain information on her partner's ex-wife and children, and her neighbours.

Guilty plea to six CMA counts. Sentenced to a six month community service order, ten days of community rehabilitation work. Ordered to pay £185 court costs and £85 victim surcharge.

PC Howe accessed Northumbria Police computer systems to obtain information to pass on to a female publican with who he was having an “inappropriate relationship”.

Guilty pleas. Sentenced to four months prison suspended for 12 months and ordered to pay £1,460 costs.

Central Criminal Court 25/04/2017, 27/03/2018

Teenager Mudd wrote Titanium Stresser DDoS malware and used it for 595 DDoS attacks against 181 IP addresses. Received Rental Income of some £386,000 from 112,000 registered users.

Guilty plea. Sentenced to two years in a young offenders institute. Ordered (27 March 2018) to pay back £70k within three months or face further two years detention.

BBC

BBC

31 year-old Bar manager hacked into 272 Apple iCloud accounts to grab private, sexual photographs that he posted on his websites and charged members to access. Steinberg used software and guesswork to gain access to photographs of Apple iCloud customers' most intimate moments.

Guilty plea. Jailed for 34 months.

37 year-old IT expert launched revenge cyber attack on previous employer company LetsXL of Colwyn Bay in April 2017. Over a four day period he changed the passwords and accessed mailboxes of five company employees.

Guilty plea to five CMA offences. Sentenced to 10 months in prison.

Daily Post

Daily Post

Esteves (aka KillaMuvz) ran the reFUD.me website which charged hackers for testing whether their malware would evade Anti Virus and Malware scanners from 2011 to 2015.

Sentenced to two years in jail.

National Crime Agency (NCA)

Bessell, 21, created malware sold on the dark web that allowed others to conduct Distributed Denial of Service (DDoS) attacks. Had remote control of over 9,083 bots.

Guilty plea. Sentenced to two years imprisonment and given a Serious Crime Prevention Order.

Ex Santander branch manager gave boyfriend customer information used for fraudulent transactions worth £15k.

Guilty plea. Sentence not known.

Manchester Minshull Street Crown Court 20/12/2017

Chappell, 19, launched 2,000 Distributed Denial of Service (DDoS) attacks including on Amazon, NatWest and Netflix.

Guilty plea. Sentenced to 16 months in youth custody, suspended for two years, and ordered to undertake 20 days rehabilitation.

The Register

43 year-old Private Hospital financial administrator accessed colleagues' payroll data to find out their salaries.

Guilty plea. Sentenced to twelve weeks imprisonment suspended for one year and ordered to complete ten days of rehabilitation.

Police Constable accessed Lancashire Constabulary systems 21,802 times over 7 years to obtain personal details of car crash victims to sell on to ambulance chasing claims firms. Proceeds totalled £363,000.

Guilty plea. Sentenced to five years in prison.

Ex-Harrods IT worker asked computer repair shop to help him retrieve personal files (including his National Insurance number) on his company-issued laptop.

Guilty plea to CMA s1 charge. Fined £135 for the CMA s1 offence, ordered to pay £85 costs and £30 victim surcharge

Merseyside PC accessed police intelligence systems to snoop on two girlfriends and their previous partners

Guilty plea. Sentenced to nine months in jail suspended for two years, 200 hours of unpaid work, six month curfew 7pm and 7am (monitored by a tag) and 20 rehabilitation activity days.

ID Theft. 37 year-old found in possession of 500 BT and 500 Sky usernames and passwords. NCA investigation.

Guilty plea. Sentenced to two years 4 months in prison.

Hacker accessed two websites including Sports Direct and shut it down for half an hour.

Sentenced to 10 months in prison suspended for a year

25 year-old accessed a US military satellite communications system in June 2014 and stole 800 users' usernames, ranks and email addresses and details of about 30,000 satellite phones. US Department of Defense (DoD) estimated cost to fix the damage at about $628,000 (c. £450,000).

Guilty plea. Sentenced to 18 months in prison, suspended for 18 months.

Devereux aka "His Royal Gingerness" hacked into the websites of Norwich airport and the Norfolk and Norwich hospital in 2015. The airport's website was down for three days and said the breach cost £40,000 to fix.

Guilty plea. Sentenced to 32 weeks in prison, issued with a Criminal behaviour Order (CBO) preventing him from owning an internet enabled device unless he follows a set of strict rules for five years and ordered to pay £150 as a victim surcharge

Restaurateur Gordon Ramsay family feud. After a series of toxic civil disputes, father-in-law Christopher Hutcheson (Snr) and his two sons used key logger to capture passwords and hacked into Gordon Ramsay Holdings Ltd systems to access email accounts of employees, financial data and details of intellectual property (IP) rights.

Guilty pleas. Hutcheson (Snr) sentnced to six months imprisonment; Chris Hutcheson (Jnr) and Adam Hutcheson given four-month prison sentences, suspended for two years

South Shields man mounted DoS attacks against CeX, Durham Constabulary, Police Scotland and British Airways websites in October 2014. British Airways site down for an hour at an estimated cost of £100,000.

Guilty plea. Sentence not known.

PCSO with a personal grievance accessed restricted material on the GMP police intelligence computer system to try to frame an innocent man for attempted murder

Guilty plea. Sentenced to ninteen months imprisonment

29-year-old man spied on female victims using their personal webcams and used RAT malware to download intimate and personal files held on their computers. Refused to provide key to two encrypted hard drives.

Guilty plea. Sentenced to three years imprisonment (including 10 months consecutive for Failure to comply with RIPA section 49 notice to provide encryption key).

43 year old Crime prevention officer at Northumbria Police used force IT system to find out about an incident involving tenants at his flat without authorisation.

Guilty plea. 12-month conditional discharge, ordered to pay £85 costs and a £30 victim surcharge.

Central Criminal Court 13 December 2016

Central Criminal Court 10 June 2019

19 year old man involved in 2015 attack on ISP TalkTalk when more than 150,00 customers' data was stolen and demanded a payment of 465 bitcoins.

DDoS attack on Coleg Sir Gar website where he was a student.

Guilty pleas to 11 charges. Sentenced to four years' detention in a young offenders institution

Essex man harvested 2,133 passwords and usernames found in his possession in order to commit online fraud. Also supplied "stressor" and "booter" tools to allow others to carry out Distributed Denial of Service (DDoS) attacks. ERSOU Cyber Crime Unit investigation.

Guilty plea. Sentenced to prison for 18 months suspended for two years, to 200 hours community service, and ordered to attend a rehabilitation course and to pay back the profits of his crime (£8,829.32).

Police officer misused Bedfordshire Police systems to locate his victim (a cleaner at Luton Police Station) and defraud him out of his inheritance.

Guilty plea. Sentenced to five years, seven months imprisonment

"The Quadsys Five" hacked into a business rival IT security reseller's computer system to access customer and pricing data.

Guilty pleas. Directors Barnard, Cox and Streeter sentenced to 10 months imprisonment, suspended for two years, three month curfew, 150 hours of unpaid work and victim surcharge of £100; Manager Steve Davies sentenced to nine months imprisonment, suspended for two years, 150 hours of unpaid work, and victim surcharge of £100; IT Security Consultant Jon Townsend a 12-month community order, 275 hours of unpaid work, three month curfew and victim surcharge of £60.

Met police community support officer (PCSO) Potter used Met police computer system in a dispute over a dodgy second-hand car he had bought.

Mr Potter acquitted.

Founder member of international cyber crime network D33Ds used SQL injection attacks to obtain 300k usernames and passwords from Yahoo and offered them for sale. Also attacked a website selling computer game codes that were obtained for resale. Investigation by the National Crime Agency.

Jailed for two years after guilty pleas to three offences under CMA 1990 s3 and fraud.

Unemployed hacker accessed a gold bullion firm website to obtain names, addresses and tracking numbers of customers to enable associates to intercept the gold deliveries.

Pleaded guilty to conspiracy to steal, unauthorised access to a computer and blackmail and sentenced to five years and four months in jail.

Police officer trawled police computers to contact sex workers, track down a former lover and make 195 checks on a Gateshead gangster who he had fallen out with following a Christmas day brawl.

Sentenced to 255 hours unpaid work and ordered to pay costs.

Guildford Magistrates' Court 2 August 2016

Bored 17 year-old developed scripts to help harvest Mumsnet usernames and passwords and hacked into his school intranet.

Sentenced to a 12-month community order and 200 hours of unpaid community work.

SC Magazine

Man aka Tariq Elmughrabi bombarded Sussex Police's contact centre with 3,000 emails in six hours.

Pleaded guilty and sentenced to ten months jail, suspended for 18 months.

Computer Misuse Act 1990 s3 Unauthorised acts with intent to impair

14-year old Plymouth boy launched DDoS attacks against animal rights target websites and Devon and Cornwall Police and tweeted bomb hoaxes to American Airlines and Delta Air Lines.

Three offences under Computer Misuse Act Section 3 (the DDoS attacks) admitted. Convicted of two offences under Section 51 of the Criminal Law Act (the bomb hoaxes). District Judge Diana Baker had considered 12 month jail but sentenced him to a two year Youth Rehabilitation Order and ordered his laptop to be destroyed.

Expert evidence for the convicted Defendant. Agreed Joint Experts Report.

Computer Misuse Act 1990 s1 Unauthorised access

Thames Valley police officer accessed information on police computer system without authorisation.

Sentenced to 150 hours community service and £1,000 costs

Computer Misuse Act 1990 s1 Unauthorised access

Nottingham City Council manager used council computer systems to search confidential records and case files.

Sentenced to twelve months in prison, suspended for 18 months and 250 hours community service

Computer Misuse Act 1990 s1 Unauthorised access

Merseyside police officer accessed information on police computer system over eight years without authorisation.

Sentenced to two months in prison, suspended for 12 months.

Computer Misuse Act 1990 s1 Unauthorised access

Cambridgeshire police officer accessed information on a police computer system without authorisation.

Sentenced to two months in prison, suspended for 12 months.

Computer Misuse Act 1990

51-year old father of six launched DDoS attacks against over 300 websites after his five children were taken into social care.

Guilty plea to 21 offences. Sentenced to eight and a half months in prison.

Computer Misuse Act 1990 s1 Unauthorised access, s3 Unauthorised acts with intent to impair

Former Met Police detective used MPS computer systems for 230 searches between 2009 and 2013 for private use.

Sentenced to nine months in prison.

Teenager launched global distributed denial-of-service (DDoS) attacks against UK Home Office and FBI websites.

Guilty plea to the DDoS attacks and two counts of possessing 111 prohibited images. Eight month sentence suspended for 18 months, an order restricting his access to the internet and computer activity and an order to complete 250 hours unpaid of work.

Webcam voyeur used Blackshades Remote Access Trojan (RAT) malware to spy on people through their webcams.

Sentenced to a 40 week suspended sentence, seven years on the sex offenders register, 200 hours of unpaid work and the forfeiture of all his computer equipment.

Action Fraud

Revenge attacks by ex-Director on former network security company Esselar and its client Aviva over five months. 900 Aviva employees' phones hacked; Expenses claims rejected. Esselar Twitter account defaced. Esselar lost Aviva contract. Aviva recovered from attack within 24 hours.

Pleaded guilty to four counts of unauthorised or reckless acts with intent to impair computer operation. Actions had "damaged confidence and reputations in a way that can be far-reaching and serious". Sentenced to 18 months.

Senior Internal Auditor at Morrisons supermarket accessed and uploaded confidential personal data (including employees' names, addresses, NI and bank details) of nearly 100,000 employees to newspaper and data sharing websites.

Found guilty of fraud by abuse of position of trust, securing unauthorised access to computer material and disclosing personal data. Data breach cost the company more than £2m to rectify. Sentenced to eight years.

Teenager using the nickname Narko launched a series of crippling global distributed denial-of-service (DDoS) attacks against internet exchanges and services including Spamhaus.

Guilty plea to two counts of an unauthorised act with intent to impair computer operation. Sentenced to 240 hours of community service.

Teaching Assistant hacked into the school email system at Ormiston Victory Academy and used pupil's account to send email "There will be a bomb in school Monday".

Guilty plea to one count of communicating false information and one count of unauthorised computer access. Sentenced to 15 months imprisonment for both offences.

On over 40 occasions over four months in 2011 ex-employee hacked the computer systems of business competitor Rouncy Media Ltd, publisher of Coach & Bus Week magazine, for sales and email data. Four year investigation by Cambridgeshire Police.

Convicted, fined and given a community service order of 180 hours.

Adult student at University of Birmingham installed four keyboard spying devices to steal staff passwords used to obtain access to his examination results and improve grades.

Guilty plea to six CMA charges - unauthorised access to computer material, intent to commit further offences and impairing the operation of a computer. Four-month prison sentence.

Computer Misuse Act 1990, s3 Unauthorised acts with intent to impair

44 year old Casino croupier and supporter of Anonymous published DDoS cyber attack links to UK Home Office and Home Secretary Theresa May websites on Twitter.

Charged with encouraging or assisting an offence. Found Guilty.

Disgruntled ex-employee used access credentials to disable 120 of former employer's time-lapse cameras at construction sites around the world.

Unauthorised acts with intent to impair operation of a computer. Cost to restore the service, by sending an engineer to each location, was estimated at around £50,000. Jailed for 10 months.

Cyber-stalking Peeping Tom installed iCamSource software to spy on three young women in their bedrooms.

Guilty plea to three counts of unauthorised access to computer material and found guilty of two counts of voyeurism. 12-month suspended sentence. Ordered to forfeit his computer and pay a contribution to prosecution costs of £2,100 plus a £100 victim surcharge.

Expert advice.

Blackmailers threatened a £30M online casino with DDoS denial of service attacks.

Guilty plea. Both sentenced to five years and four months in prison.

Northampton Magistrates Court 28 November 2013

Burrell unlawfully accessed the accounts of 3,872 players of online game Runescape with intent to steal gaming resources and actually modified 105 player accounts

Guilty plea. Sentenced on 28 November 2013 to 12 month community order with supervision and 150 hours of unpaid work, Costs of £100 and surcharge of £60

Fraudsters posted fake job adverts for Harrods on Gumtree. Respondents were sent a link to an online application form that downloaded malware to capture financial and personal data. National Crime Agency (NCA) investigation.

Malware writer Ellis found guilty and jailed for four and a half years

Computer Misuse Act 1990, s1 Unauthorised access, s3 Unauthorised acts with intent to impair; s3A Making, supplying or obtaining articles for use in offence under section 1 or 3

NullCrew hacktivist Lewys Martin aka sl1nk launched Denial of Service (DOS) attacks on the websites of Kent Police (site temporarily unavailable to the public) and universities of Oxford and Cambridge; both universities estimated that around two man weeks were spent dealing with the attacks.

Guilty plea to five counts of Unauthorised modification, two counts of Unauthorised access and two counts of Making, supplying or obtaining articles. Sentenced to two years imprisonment.

R v Martin

Court of Appeal (Criminal Division) 31st July 2013

[2013] EWCA Crim 1420

Appeal on sentencing. Planning of the attacks was sophisticated and they were intended to cause harm and did so. The offences found to be of the highest level of culpability. Custodial sentences measured in years rather than months should now be expected. Sentence of two years' imprisonment was "amply justified". Appeal dismissed.

Judgement

LulzSec collective hactivists Ryan Ackroyd, Jake Davis, Mustafa Al-Bassam and Ryan Cleary used DDoS attacks to crash websites of major global institutions including USAF, CIA, FBI, SOCA, Sony and Nintendo and stole personal data including passwords and credit card details belonging to millions of people that was posted online en clair. Damages estimated in millions of pounds.

All four defendants pleaded Guilty. Ryan Cleary (aka ViraL), 21, to six charges and was jailed for 32 months. Ryan Ackroyd (aka Kayla), 26, was jailed for 30 months. Jake Davis (aka Topiary), 20, was jailed for 24 months. Mustafa Al-Bassam (aka tFlow), 18, was sentenced to 20 months suspended for two years, and 200 hours of unpaid community work.

Kingston-upon-Thames Crown Court 19 Mar 2013

Zeus Trojan developed by Beddoes a.k.a Black Dragon, 32, used in attempted transfers of some 750,00 carbon credits worth £6.5m from accounts at the UN in Bonn and Spain's Carbon Credit Registry to a UK broker co-defendant.

Guilty plea to six counts of conspiring to do unauthorised acts, with intent to impair computer programs, four counts of unauthorised access to business computers, three counts of possessing electronic files containing data from 3,000 credit cards. Sentenced to 2 years and 9 months imprisonment.

Southwark Crown Court 24 January 2013

Hacking group Anonymous members Christopher Weatherhead a.k.a "Nerdo", 22, Ashley Rhodes, 28, Peter Gibson, 24, and Jake Burchall, 18 carried out DDoS attacks in retaliation for withdrawal of services to WikiLeaks by PayPal, Visa and Mastercard between August 2010 and January 2011; one online attack was said to have cost PayPal at least £3.5m .

All four convicted. Weatherhead sentenced to 18 months in prison, Rhodes to seven months in prison and Gibson to six months prison (suspended). Sentencing of Burchall adjourned.

Leicester Crown Court 11 Jan 2013

James Marks, 27, and James McCormick, broke into Sony Music's servers and downloaded 7,900 files including tracks recorded by Elvis, JLS and Beyoncé and unreleased Michael Jackson tracks.

Guilty pleas. Both sentenced to six month in prison, suspended for one year and ordered to do 100 hours of unpaid community service.

Cambridgeshire Police officer attracted to a female witness used force computer system to obtain her phone number.

Guilty plea. Sentenced to four months imprisonment

Business manager of Royal Wootton Bassett Academy had recently been made redundant when she accessed the school email system using the login and password of another school employee and read private emails from the Head.

Defendant convicted. Fined £200. Ordered to pay court costs of £675 and £15 to a victim.

Southwark Crown Court 27/07/2012

18 year-old TeamPoison hacker Junaid Hussain aka TriCk hacked into a Gmail account used by Katy Kay, a former special advisor to Tony Blair and accessed and published personal details of 150 contacts including Tony Blair and family. Also used Skype to swamp UK anti-terrorism hotline with hoax calls.

Guilty plea. Six months youth detention sentence.

SpyEye trojan used to steal login credentials for online banking accounts and then uploaded to servers controlled by Cyganok and Zakrevski. Tip-off by Estonian Police led Metropolitan Police's Central E-Crime Unit (PCEU) to seize one of the UK-based servers. An estimated 1,000 computers had been infected with victims in the UK, Denmark, The Netherlands and New Zealand.

Guilty pleas. Pavel Cyganok was jailed for five years. Ilja Zakrevski for four years.

Southwark Crown Court 16/05/2012

[2012] EWCA Crim 1645; [2013] 1 Cr.App.R.(S.) 76

19 year-old McDonald's employee hacked into the Facebook account of Justin Bieber's girlfriend Selena Gomez by posing as the actress' step-father/manager to persuade Facebook staff to change the password to the account. After accessing and copying her private emails he contacted celeb magazines offering to reveal information about her.

Guilty plea. Sentenced to twelve months imprisonment.

Sentence reduced to eight months on appeal.

Southwark Crown Court 13/04/2012

Defendant associated with Anonymous group used log-on details of a system admin to access 10,000 database records from abortion provider BPAS (British Pregnancy Advisory Service) and post anti-abortion messages on its home page.

Sentenced to 2 years 8 months imprisonment.

Southwark Crown Court 17/02/2012

Software development student from York repeatedly hacked into Facebook and extracted internal material in Spring 2011 using the account of a Facebook employee who was on holiday. His targets included Facebook Puzzle and Mailman servers and a restricted area of the Facebook Phabricator server.

Guilty plea on two counts. Sentenced to 8 months imprisonment. Serious Crime Prevention Order (SCPO) made restricting access to the internet and forfeiture of computer.

Student used Istealer password-stealing kit to create Trojan that he wrapped in several malware programs. Users tricked into downloading which enabled Defendant to harvest login credentials of over 100 web users via an FTP server.

Charged with adapting an article intending it to be used to commit, or to assist in the commission of, an offence under section 1 or 3. Guilty plea. Sentenced to eight months' imprisonment suspended for 12 months.

Believed to be the first conviction for new S3A offence.

Creators of Gh0stMarket forum used by thousands to trade unlawfully obtained credit/debit card details, confidential personal information and malware tools.

Guilty pleas. Kelly sentenced to five years imprisonment, Webber five years, Thomas four years and Ricardo 18 months.

Exeter Crown Court 03/02/2011

Poker addict hacked into American poker company Zynga and stole £7m worth of virtual poker chips for resale on Facebook. Guilty plea. Sentenced to two years imprisonment (including term for breach of previous suspended sentence for hacking).

Guildford Crown Court 08/06/2010

R v Mark Hopkins

R v Scott Gelsthorpe and Jeremy Young

Inner London Crown Court 22 January 2007

Inner London Crown Court 6 June 2007

Employment dispute. Systems administrator alleged to have hacked in to employer's system to delete data in a revenge attack causing losses estimated in the hundreds of thousands of pounds. Case collapsed after four days of trial.

Re-trial. Prosecution offer no evidence. Defendant acquitted of all charges. Expert evidence for the Defence in both trials.

R v Matthew Byrne

R v David Lennon

R v Daniel Cuthbert

Horseferry Road Magistrates Court 07/10/2005

Computer Misuse Act 1990, s1 Unauthorised access

IT security consultant donated £30 to Disasters Emergency Committee Tsunami appeal website, then checked site security. Defendant found guilty of unauthorised access "with deep regret", convicted and fined £400.

BBC News

R v Joseph McElroy

Southwark Crown Court 03/02/2005

First-year university student sought shared internet storage for music, games and warez. Compromised site was a US Department of Energy research lab. Defendant convicted and sentenced to 200 hours community service.

Ex-employe deleted mail boxes in attack on mirrored IBM AS/400 systems. Three counts of unauthorised modification.

Guilty plea. Ordered to pay £5,000 compensation and £87 costs.

R v Aaron Caffrey

Southwark Crown Court 17/10/2003

Computer Misuse Act 1990, s3 Unauthorised modification

DDoS attack that crippled the Port of Houston, Texas. Attack mounted from teenaged Defendant's PC.

Defendant acquitted after Trojan Defence - other hackers had taken control of his PC using a Trojan Horse.

R v Simon Vallor

Southwark Crown Court 21/01/2003 EWCA Crim 2288

Computer Misuse Act 1990, s3 Unauthorised modification

Web designer created Gokar, Redesi, Admirer mass mailing viruses that infected 22,000 PCs worldwide. Defendant pleaded guilty, convicted and sentenced to two years jail. Appeal against sentence failed.

[2003] EWCA Crim 424 [2003] 2 Cr App Rep (S) 474

R v Stephen Carey

Hove Crown Court 19/09/2002

Computer Misuse Act 1990, s3 Unauthorised modification

Computer engineer deleted a company's files in a payment dispute. Defendant convicted, 18-month prison sentence.

Yarimaka v Governor of HM Prison Brixton

Queens Bench Division [2002] EWHC 589 (Admin) 20/03/2002

Computer Misuse Act 1990, s3 Unauthorised modification - Meaning of "modification" - Extradition - Habeas Corpus

Attempt by Kazakhs to blackmail Mayor of New York Michael Bloomberg for the sum of $200,000 by exposing security flaws in Bloombergs' computer system. Held that address spoofing affected the reliability of information for the purposes of s.3 Computer Misuse Act 1990. Applications for writs of habeas corpus denied.

R v Raphael Gray

Swansea Crown Court 06/07/2001

Computer Misuse Act 1990 Unauthorised access - Unauthorised modification

Teenage hacker aka Curador demonstrated security weaknesses in e-commerce web-sites and accessed 23,000 credit card records, some posted on his web-site. Viagra sent to Bill Gates using his credit card. Guilty plea. Defendant convicted and sentenced to three years probation and medical treatment for obsessive mental disorder.

R v Paul Brogden

Exeter Crown Court 19/04/2001

Computer Misuse Act 1990

Owner of Sure Computers sent price-war rival a virus in an e-mail attachment. Defendant convicted and sentenced to 175 hours community service, hardware confiscated.

R v Paul Maxwell King

Court of Appeal (Criminal Division) 24/11/2000 The Times 2 January 2001

Computer Misuse Act 1990, s3 Unauthorised modification - Incitement to others

Small-scale sale of hardware chips designed to access cable TV channels without authorisation or payment.

Defendant pleaded guilty and sentenced to four months imprisonment by Doncaster Crown Court.

Appeal against sentence. Held - Appropriate sentences for small-scale offences were a substantial fine or a period of community service. Appeal allowed.

R v William Culbert

Southwark Crown Court

Computer Misuse Act 1990, ss1, 2, 3 Unauthorised access - Unauthorised modification

Associated Newspapers print technician with superuser status offered Express Newspapers to destroy his employer's computerised print centres for GBP 600,000 Defendant pleaded guilty and convicted. Sentenced to 18 months imprisonment.

Morgans v Director of Public Prosecutions

House of Lords 17/02/2000 [2000] 2 WLR 386 The Times 29 December 1998; [1999] 1 WLR 968; [1999] Masons CLR 102

Computer Misuse Act 1990, s 1(1) Unauthorised access - Admissibility - Unlawful interception - Time limit on prosecution Computer Misuse Act 1990 s 11(2)

Hacking for purposes of making free overseas telephone calls. Printouts from BT Monolog telephone call logger. Held - time runs from when Prosecutor has knowledge of the relevant evidence under Computer Misuse Act 1990 s 11 (2). Appeal allowed in respect of five CMA 1990 charges, convictions quashed.

R v Michelle Begley

Coventry Magistrates Court

Computer Misuse Act 1990, s1 Unauthorised access - Harassment - Misuse of police national computer

WPC used police national computer to access electoral rolls and car registration records in attempts to track down woman who had an affair with her boyfriend. Defendant convicted. Sentence of three months imprisonment.

R v Bow Street Magistrates Court and Allison ex parte Government of USA

House of Lords 05/08/1999 The Times 7 September 1999; [1999] 4 All E R 1; [1999] 3 WLR 620; [1999] Masons CLR 380 [1998] 3 WLR 1156; [1998] Masons CLR 234; The Times 2 June 1998. [1999] C&L Oct/Nov, 21

Computer Misuse Act 1990, ss1, 2, 15, 17(5) Unauthorised access - Authority - Meaning of "control access" in s 17(5) - Extradition - Conspiracy

Authorised US American Express credit analyst gained access to unauthorised credit card accounts and PINs. Accomplice Allison used forged Amex cards in London in ATM US$ 1M fraud. Held - unauthorised access applies to the use of a computer to obtain unauthorised access to data. "Hacking" held to refer to all forms of unauthorised access whether by insiders or outsiders. Comments of House of Lords in R v Bignell on meaning of "control access" in Computer Misuse Act 1990 s.17 (5) distinguished. Habeas corpus denied.

R v Ian Morris and Richard Airlie

Cardiff Crown Court

Computer Misuse Act 1990 Unauthorised access - Unauthorised modification - Website defacement

Disgruntled IT supplier hacked estate agency website and replaced pictures of houses with pornography. Defendants convicted. £1250 fine and 100 hours community service (first web defacement conviction).

R v Matthew Bevan

Bow Street Magistrates Court 21/11/1997

Computer Misuse Act 1990, s3 Unauthorised access - Unauthorised modification - Conspiracy

Defendant teenage hacker aka Kuji charged with unauthorised access and unauthorised modification of USAF and Lockheed web sites (see also R v Pryce). Alleged cost of damage US$ 211k. No evidence offered by Prosecution at abuse of process hearing. Defendant acquitted.

R v Simon Regan, Julian Taylor

Horseferry Road Magistrates

Computer Misuse Act 1990, s1 Unauthorised access - Theft of information

PC service engineer Taylor passed personal diaries copied from Michael Portillo MP's House of Commons PC to Regan, editor of Scallywag magazine. Defendants convicted. £250 and £750 fines.

R v Christopher Moody

Bristol Crown Court 1997

Computer Misuse Act 1990, s3 Unauthorised modification - Admissibility PACE s69 - Reliability

Ex-employee IT specialist charged with accessing remote maintenance port of Local authority's computerised telephone switch. Outgoing calls could not be made and all incoming calls routed to a single extension.

Expert evidence for the Defendant. Voire dire on the reliability of files extracted from forensic image copy of hard disk of seized PC that had been corrupted by previous police investigation. Indictment stayed.

DPP v Bignall and Another

Queens Bench Division [1997] EWHC Admin 4706/06/1997 [1998] 1 Cr App R 1; [1997] Masons CLR 16; [1997] CLSR 13 No 5 352; The Times 6 June 1997 [1997] CLSR Vol 13, No. 4, 222

Computer Misuse Act 1990, ss1, 2, 15, 17 Unauthorised access - Authority - Meaning of "control access" in s 17(5) - Misuse of police national computer

Two Metropolitan Police PCs caused a police computer operator to obtain DVLA motor vehicle registration and ownership data via the Police National Computer for their own private purposes. Held - Defendants generally authorised to control access to data; Access for an unauthorised purpose not an offence. Unauthorised access held to apply to external hackers. Defendants acquitted.

Edward Yearly v Crown Prosecution Service

Queens Bench Division [1997]EWHC Admin 30821/03/1997

Computer Misuse Act 1990, s1 Unauthorised access - Admissibility PACE s 69

Computer engineer copied a security file while on-site at Marks & Spencer's Harrow store. File was then posted on Gates of Underworld BBS. Late Defence challenge to admissibility under PACE s 69. Held that court of first instance had and was entitled to exercise its discretion to allow the prosecution case to be re-opened.

R v Pryce

Bow Street Magistrates 21/03/1997

Computer Misuse Act 1990, ss1, 3 Unauthorised access - Unauthorised modification - Conspiracy

Teenage hacker aka Datastream Cowboy charged with unauthorised access and modification of USAF and Lockheed websites. Phone-freaking to Seattle ISP via Bogota telephone switch (see R v Bevan aka Kuji). Defendant pleaded guilty and convicted. £1200 fine for twelve Unauthorised access offences and £250 costs order.

R v Dyson

Daventry Magistrates Court

Computer Misuse Act 1990, s3 Unauthorised modification

Commercial dispute between company and software supplier. Alleged logic bomb/timelock caused by batch file that denied access to software. Investigation of computer evidence by unqualified freelance examiner.

Expert evidence on the procedures used for the seizure and preservation of the computer evidence, the possibility of corruption of the computer evidence and its reliability. Indictment stayed.

R v Feltis

Reading Crown Court

Computer Misuse Act 1990, s3 Unauthorised modification

Video surveillance of computer operator disconnecting cables on IBM AS/400 at Thorn UK. Alleged cost of damage £500,000. Defendant convicted. Sentence of twelve months imprisonment.

R v Pile

Plymouth Crown Court 15/11/1995

Computer Misuse Act 1990, ss 2, 3 Unauthorised access - Unauthorised modification

Defendant aka The Black Baron authored Pathogen and Queeg viruses. Polymorphic encryption engine used to conceal viruses within innocuous programs. Defendant convicted. Sentence of 18 months imprisonment (first virus writer jailed).

R v Mahomet

Middlesborough Magistrates Unreported

Computer Misuse Act 1990, s1 Unauthorised access - Authorisation

Disclosure to journalist by BT Customer Services staff of ex-directory telephone numbers. Defendant acquitted.

R v Birch

Gloucester Crown Court

Computer Misuse Act 1990, s3 Unauthorised modification

Stock control barcodings modified by Safeway employee in Gloucester supermarket. Defendant convicted. 150 hours community service order.

R v Spielmann

Bow Street Magistrates

Computer Misuse Act 1990, ss 1, 3 Unauthorised access - Unauthorised modification

Ex-employee of Bloomberg financial news agency used another employee's authorised account to delete and modify emails and to send obscene messages to subscribers. Defendant convicted. Sentence of 12 months conditional discharge. Costs order of £160.

R v Rymer

Liverpool Crown Court

Computer Misuse Act 1990, s3 Unauthorised modification

Defendant male nurse obtained doctor's password by shoulder-surfing and used that user account to modify Hospital patient prescription and treatment records. Defendant pleaded guilty to two charges of unauthorised modification and convicted. Sentence of 12 months in prison.

R v Malcolm Farquharson

Croydon Magistrates Court 09/12/1993 Computer Weekly 13 January 1994

Computer Misuse Act 1990, ss 1, 2 Unauthorised access - Authorisation

Mobile phone cloning. Accused instructed (i.e. without personally accessing a computer) an accomplice to access records by telephone (see R v Pearce). Held - use of telephone to instruct accomplice to access records by telephone made defendant a party to hacking by accomplice (see R v Pearce). Defendant found guilty of three counts of unauthorised access and convicted. Sentenced to six months imprisonment.

R v Emma Pearce

Croydon Magistrates 09/12/1993 Computer Weekly 13 January 1994

Computer Misuse Act 1990, s1 Unauthorised access - Authorisation

Mobile phone cloning. Accused instructed by Farquharson to access telephone records (see R v Farquharson). Defendant convicted. £300 fine.

R v Alfred Whittaker

Scunthorpe Magistrates Court

Computer Misuse Act 1990, s3 Unauthorised modification

Software developer AAS Management Systems installed bespoke software with covert timelock for Protech Formulations Ltd. Timelock activated and denied access to software after dispute arose over unpaid fees. Held - installing and activating a covert software time-lock is an Unauthorised modification. Defendant convicted. Conditional discharge. Decision widely reported as "time-locks are illegal".

R v Vatsal Patel

Aylesbury Crown Court 02/07/1993 [1993] C&L Vol 5 Issue 1 April 1994 Computing 15 July 1993

Computer Misuse Act 1990, s3 Unauthorised modification - Admissibility - PACE s 69

Contract programmer alleged to have deleted software development files to prolong his contract. "Wrecking programs" ran automatically in background to delete software development team's work. Held - evidence of file directory entries was admissible, and that doubts on its reliability go to weight of evidence. Defendant acquitted (first Computer Misuse Act 1990, s 3 acquittal after trial).

R v Strickland, R v Woods

Southwark Crown Court 21/05/1993

Computer Misuse Act 1990, ss 1, 3 Unauthorised access - Unauthorised modification - Conspiracy

Hacking by Eight Legged Groove Machine 8LGM gang - JANET Joint Academic Network, NAA, BT, Financial Times, European Commission sites hacked by 8LGM. Alleged damage of £120,000. Defendants pleaded guilty and convicted. Sentence of 6 months imprisonment (first CMA jail sentences). Hacking described as "intellectual joyriding" and "not harmless".

R v Paul Bedworth

Southwark Crown Court

Computer Misuse Act 1990, ss 1, 3 Unauthorised access - Unauthorised modification - Conspiracy

Hacking by Eight Legged Groove Machine 8LGM gang - JANET, BT, Financial Times, European Commission sites. Alleged damage of £120,000. Expert psychiatric evidence of obsessive addiction to hacking. Held - defendant was "addicted to hacking", and lacked criminal intent. Defendant acquitted.

R v Elaine Borg

[Not Known]

Computer Misuse Act 1990, s2 Unauthorised access with intent to commit further offence

Computer operator at Henderson Financial Investment Services accused of hacking into the company's computer system with intent to defraud her employer of one million pounds. Defendant acquitted on Computer Misuse Act 1990, s 2 charge

R v Gareth Hardy

Old Bailey

Computer Misuse Act 1990, s3 Unauthorised modification - Denial of access

Encryption package installed by defendant computer manager. Time-lock (data no longer decrypted) activated one month after end of defendant's employment. Defendant pleaded guilty and convicted. £3000 compensation order and 140 hrs community service order.

R v Trollope

Worcester Crown Court

Computer Misuse Act 1990, s 3; Theft Act 1968 Unauthorised modification - Theft of client list - Confidential information

Ex-employee stole 1,700 customer records on backup tape before setting up competitive PC networking company. Alleged denial of access to original customer records by virus. Defendant convicted of theft and acquitted of unauthorised modification virus charge. Conditional discharge and £15 compensation order.

Attorney-General's Reference (No.1 of 1991)

Court of Appeal 16/06/1992 [1992] 3 WLR 432, [1992] 3 All ER 897, [1992] CL&P Vol 8, No 4 95

Computer Misuse Act 1990, s1 Unauthorised access - Meaning of "any computer"

Cropp Appeal - appeal against acquittal of ex-employee alleged to have obtained 70% discount to which he was not entitled using POS till. Held - meaning of "any computer" was not "any other computer".

R v Richard Goulden

Southwark Crown Court The Times 10 June 1992 Computer Weekly 18 June 1992

Computer Misuse Act 1990, ss 1, 3 Unauthorised modification - Denial of access

Software contractor in dispute with company over unpaid fees installed access control security package. Denial of access by witholding password. Alleged damage of £36,000. Defendant convicted. Conditional discharge and £1650 fine.

R v Cropp

Snaresbrook Crown Court 05/07/1991 [1991] 7 CLSR 168, [1991] CL&P July/August 270 Computer Weekly 11 July 1992

Computer Misuse Act 1990, ss 1, 2 Unauthorised access - Theft

Defendant ex-employee alleged to have obtained 70% discount to which he was not entitled using POS till. Defendant acquitted after jury instructed that access was required from another computer.

R v Ross Pearlstone

Bow Street Magistrates Court

Computer Misuse Act 1990, ss 1, 2 Unauthorised access

Ex-employee made unauthorised use of his former employer's Mercury telephone account to make "free" calls. Defendant pleaded guilty to two charges and convicted (first CMA 1990 conviction). £900 fine.

R v Bennett

[Not Known]

Computer Misuse Act 1990, s1 Unauthorised access

Ex-police superintendent used police national computer to track down his ex-wife's new partner Defendant pleaded guilty and convicted. Fined £150 and costs order.