X
Tech
Home Tech Services & Software Collaboration

British teen in court over 'e-mail bomb' charges

A teenager accused of unleashing an "e-mail bomb" on his former employer will appear in court on Tuesday in what will be a test case for the UK's Computer Misuse Act.British police accuse the youth of sending 5 million e-mails to the company he used to work for.
Written by Tom Espiner, Contributor
A teenager accused of unleashing an "e-mail bomb" on his former employer will appear in court on Tuesday in what will be a test case for the UK's Computer Misuse Act.

British police accuse the youth of sending 5 million e-mails to the company he used to work for. This amount of e-mail could cause an e-mail server to crash and is hence a form of denial-of-service (DoS) attack.

The case will prove to be a test of the effectiveness of the CMA, as nobody has yet been convicted under the act of launching a DoS attack. According to those familiar with the case, the teenager's defence will argue that launching a DoS attack is not illegal under the CMA.

The CMA does not specifically include a denial-of-service attack as a criminal offence, something some members of the UK parliament want changed. The act explicitly outlaws "unauthorised access" and "unauthorised modification" of computer material, but DoS attacks sit in a legal grey area.

The youth is being tried at Wimbledon Magistrates Court in London under section 3 of the CMA, which concerns unauthorised data modification and tampering with systems.

The defence is expected to argue that the young man can't be convicted under the CMA because a flood of e-mail would not modify any data on the server, according to Peter Sommer, a technical expert who is expected to be called by the defence.

"When you send an e-mail to an e-mail server, you are not modifying that server, because the purpose of the e-mail server is to sit around waiting to receive e-mails aimed at that domain," Sommer, a senior research fellow in the London School of Economics' Information Systems department, said.

If the e-mails themselves contained no malicious software that could modify the system, then sending them would not contravene CMA, according to Sommer.

The CMA has come under attack in recent weeks, following the conviction of a man for gaining unauthorised access to a fund-raising Web site.

Speaking on the outcome of the case, Sommer said, "this legislation is 15 years old, and due to the nature of technology, (it) is more likely to become rapidly obsolete. It will be interesting to see what will happen."

ZDNet UK's Tom Espiner reported from London. For more coverage from ZDNet UK, click here.

Editorial standards
Show Comments

Related

asus-zenbook-14-main

The work laptop I recommend to most people is not made by Apple or Lenovo

Microsoft Copilot

7 reasons I use Copilot instead of ChatGPT

usb-kindle

Have an old Kindle? Whatever you do, do not do this one thing