A Year Ago: Exclusive: UK hackers have an easy life

A Welsh ex-hacker, famed for cracking the Pentagon's computers from his Cardiff bedroom, claims inadequacies in UK law and erratic media coverage guarantee leniency for British hackers -- even for serious offences.

Mathew "Kuji" Bevan, who was acquitted of endangering the national security of the United States by the High Court in November 1997 says, "The American media has quite an anti hacker view. Over here they have a much more positive attitude. They believe in the 'cool hacker', the anarchist kind of thing. In my case the press was saying 'Cardiff boy done good' and that sort of thing. I had a very positive response from the press... it makes are real difference to the number of successful prosecutions there are over here."

This follows claims by U.S. hackers that the media can actually provoke hacking, and comes just days before this year's biggest and most hyped computer security spectacle, Def Con 7.0 in Las Vegas.

"I can't remember the last time I read about a British hacker being prosecuted," says Kevin Street, anti-virus guru at Symantec. "However, you must remember that there is a lot of shame that goes with being hacked and companies are not exactly keen to promote it," adds Street.

Bevan believes that another UK hacker, Paul Bedworth, got off lightly during his trial in 1992 despite overwhelming evidence against him, largely because of the sympathetic attitude of the British press towards hackers. "Although there was a great deal of evidence against him, the jury really fell for his defence -- that he was addicted to computers," says Bevan.

Bevan concedes however, that the British press are a fickle bunch who either love you or hate you, sometimes with devastating results.

Another British hacker, Nicholas Whitely, nicknamed "mad hacker" by the tabloids, was given a prison sentence in 1988 largely because his particularly destructive hacking of ICL and various universities -- wiping files and bringing down hundreds of computers -- prompted outrage in British papers.

Bevan believes there are other fundamental differences between hackers in the UK and the US: "Hacking probably seems less prevalent over here because British hackers know better than to hack at home. British law is also less geared towards convicting hackers. The 1990 Computer Misuse Act is very vague. It's designed so that it won't have to be regularly updated. Most hackers who are convicted are charged with other offences such as fraud, criminal damage or even software piracy."

Peter Sommer, research fellow at LSE, and author of the Hacker's Handbook says: "The term 'hacker' has become a very convenient trigger word for the press. They are always trying to get a sexy angle. Often they have gone for the idea of the little kid taking on the huge corporation."

Sommer believes it is not the law that restricts the number of successful cases against hackers in the UK. "The law is fairly effective. The cost for the police and the judicial system prevent prosecutions. If someone is just accessing a computer without authority and not doing anything else illegal, there's little point in prosecuting them."

Why do we hear so little about British hackers? Tell the Mailroom

Take me to Hackers