Teenager jailed for Web attacks

A US teenager has been jailed for five years after launching attacks against online sportswear retailers.

Jasmine Singh, who was sentenced last week, pleaded guilty earlier this year to two counts of computer theft after causing DDoS attacks against Web sites selling sports jerseys and other sporting goods.

Singh used computer viruses to compromise and take control of thousands of PCs. He then organised them into a botnet, and targeted two companies that sold sports clothing online. Prosecutors said that Singh had caused around $1.5m (£830,000) damage to Jersey-Joe.com, and another online company, Distant Replays.

According to reports, Singh claimed that he has been hired by the owner of two competing online retail sites who wanted to disrupt his rivals.

Singh originally faced two first-degree charges of computer theft, carrying up to 20 years imprisonment each. These were later reduced to second-degree offences, with a maximum sentence of 10 years each. He was also ordered to pay compensation of $35,000.

In the UK, the Computer Misuse Act (CMA) does not include the specific crime of launching a DDoS attack. The All Party Parliamentary Internet Group has lobbied for this to be changed, and in July Tom Harris, MP, introduced a bill to update the CMA.

The government has committed itself to updating the CMA, but so far has failed to produce any definite proposals.