Emirates 'hacker' loses appeal

A UK computer consultant found guilty of hacking into an United Arab Emirates (UAE) ISP has had his appeal overturned.

Twenty-two-year-old Briton, Lee Ashurst, was initially found guilty of breaking into and misusing the services of Etisalat, the UAE's only internet service provider.

Ashurst appealed against the verdict but was last week also found guilty by the Dubai Appeals Court of opening the private emails of Etisalat employees. The court also upheld the initial charge.

Initially, the Misdemeanours Court of Dubai had found Ashurst guilty only on one count, ruling that the defendant could not be convicted of illegally opening messages because the word "message" in UAE law does not apply to electronic media.

The court case has since prompted a federal cabinet committee in the UAE to examine the introduction of cybercrime legislation to bridge the grey areas highlighted by Ashurst's actions.

Ashurst appealed against the first ruling last month after a forensic lab verified that his laptop had been used to access the ISP's network.

The computer also contained Etisalat password files and network probing and password decryption tools, such as John the Ripper and Saint, which are often used by hackers.

Despite technical academics from UAE University appearing as expert witnesses and claiming that the presence of such hacking tools does not necessarily constitute a crime, it would seem that the Appeals Court is taking a much harsher line with computer crime.

Etisalat is claiming that network downtime and business lost during the period of the intrusions is down to Ashurt's actions. The ISP is asking the court to award monies for alleged damages to its business.