New laws brand hackers as terrorists

Virus writers and hackers could soon be branded as terrorists, as new anti-terrorism laws come into force in the UK today.

The Terrorism Act expands on the definitions covered by the 1973 Prevention of Terrorism Act and will clamp down on UK-based groups or individuals threatening violence or disruption, traditional or electronic, within and outside the country.

Home Secretary Jack Straw today confirmed that traditional terrorist paramilitary organisations would be ranked alongside cyber vandals who disrupted hospitals or power supplies by hacking into computer systems.

This means that the unnamed author of the Kournikova virus could have faced the same charge as someone who had made a bomb, had he been caught in the UK.

"We have broadened [the Act's] scope away from just Irish terrorism to any other kind of terrorism because frankly there are other types of terrorists these days, and it is very important that we should have similar kinds of powers to those of other countries," said Straw.

The announcement was welcomed by antivirus companies in the wake of the Kourikova virus, which hit email systems worldwide. Eric Chien, chief researcher at Symantec, said that people had become complacent when dealing with malicious virus writers.

"For a long time we have needed more laws to deal with code authors writing viruses with intent to cause damage. But until now, authorities have only been willing to take action if the virus is actually loose in their own back yard," he said, explaining that authorities such as the FBI will only start hunting for virus writers if the code gets loose on their own network.

"International communication is finally getting better for dealing with virus outbreaks, and authorities are making better use of resources to track down virus writers and punish them. Now you can be prosecuted for writing a virus in the same way as you would be prosecuted for making a bomb," added Chien.

But Paul Rogers, network security analyst at MIS, expressed concern at the level of power being handed to the authorities.

"Something needed to be done about computer misuse, but there is great potential for abuse of these laws," he said. "Although Straw wants to clamp down on the use of the internet as a terrorist tool, some cases would be better suited to the Computer Misuse Act. It seems like the government is trying to control the internet."

"Potentially, some script kiddy could find himself detained in a police cell with nothing but bread and water, because the new laws label him as a terrorist," he added.