I used to be dubious of terms like "cyberterrorism" and "cyberwarfare" but as the Internet phenomenon progresses, the terms are now beginning to mean something.
Added to the threat from loners and organised cyber-terrorists, is that of cyber-industrial espionage and cyber-crime. The problem with both of these forms of intrusion is that they usually have financial backing and can therefore utilise sophisticated technology and skilled programmers.
Cyber-industrial sabotage activities usually relate to industrial secrets which have real commercial value to competitors. In some countries the law enforcement agencies may view this activity as merely being a breach of civil law rather then criminal law, but in the case of cyber-crime they clearly fall into the category of criminal activity.
So, how does UK law deal with such? Primarily this type of activity is currently covered in the Computer Misuse Act. The Act created three offences:
The first offence relates to basic hacking. A party gains access to data, eg a file, and he knows that such access has not been authorised. The second offence covers the hacker who gains access to a computer with intent to commit a more serious offence, eg to move money from an account held by another person. The third offence covers the introduction of a virus. This offence is committed if the person does an act which causes the unauthorised modification of the contents of any computer, and at the time he has the intent and knowledge.
These laws may not now be sufficient to cover the new forms of cyber-terrorism, and may have significant defects because of their inability to keep pace with changing technologies.
Andrew Rigby is head of e-commerce and digital law at law firm Tarlo Lyons. He can be contact by email.
This was first published in May 2000