What do you do with a teenager that costs thousands of companies millions of pounds? Well, in the case of Sven Jaschan, creator of the Sasser virus, you give him a suspended sentence and community service — a decision that has split the IT community.
The more hard-hearted feel that the best place for such a prolific virus writer is behind bars, pointing out that many of Jaschan's creations remain the most prevalent viruses today. What kind of message is sent to today's virus writers if young Sven skips off into the sunset to paint a few retirement homes? But those on the side of clemency argue that Jaschan was only 17 at the time, and that he didn't profit personally from his misdeeds.
Whether it's a good idea in principle to jail young people for acts of stupidity is a matter for eternal debate. In this case, though, the German court has made the right decision.
Jaschan is small fry. His viruses caused no end of disruption to IT systems around the globe, but such vandalism is no longer the problem that once it was. We have learned from them, as doubtless has Jaschan.
Today's challenge is the rise of the organised cybercriminal, who uses viruses and Trojan horses to take over our computers, or steal our identities and then our money. Next to these offenders, Jaschan is a twenty-first century Just William who found breaking Windows a source of mischievous pleasure but gave no thought to the cost of the clean-up.
Those who find his sentence and its justification inadequate should turn their displeasure to practical ends. The really serious online offenders out there need to be caught. High-tech police forces have long complained that their work is being hampered because companies who suffer hacking attacks suffer in silence or, even worse, pay ransom money to make the bad guys go away. This is a disservice to everyone.
Whatever happens to Jaschan, his misconceived creations will continue to circulate around the Web for months to come — which should serve as a reminder that many PCs still aren't patched against the vulnerabilities he exploited. But the legacy of his misdeeds should produce more than that. It should be the start of a pact across the IT sector to stand together in the face of organised cybercrime.