The largest computer-hacking ring in Canada’s history was broken up this week. But if the past is any indication, the criminals will get off with a slap on the wrist, raising questions about how cyber crimes should be punished in the future.
Police in Quebec arrested 17 suspected hackers Wednesday morning, the National Post reports. The group is accused of using malicious computer code to gain control of more than one million computers. They then used these computers to send spam emails, steal people’s identities and for other nefarious activities. The police estimate that the gang caused over $45 million in damage. The catch: The maximum sentence the hackers can get under the law is 10 years in prison, and history suggests they’ll get off with much lighter sentences.
It’s another reminder that for crooks, the benefits of cyber crime greatly outweigh the risks. One corporate security officer calculates that the chances of convicting a hacker are at best one in 7,000 and could be as low as one in 600,000. And the criminals who are caught often receive punishments that are quizzically light, often measured in months rather than years. The Prime Minister of Estonia, whose country was taken offline by hackers recently, told the Business Technology Blog in December that it wasn’t clear if hijacking computers in order to conduct such an attack was even illegal in his country.
So how can society prevent these attacks in the future? A poster on GigaOm thinks it’s time to stiffen the penalties for computer crimes. “Historically, when the effects of the crime are far greater than the difficulty of committing them, we’ve used the threat of excessive penalties as a deterrent,” Alistair Croll wrote. For example horse thieves in the Old West were often hanged, as were people caught shaving the metal from coins.
Capital punishment seems a bit extreme to us. But it’s clear cyber laws need a rewrite.
URL: http://blogs.wsj.com/biztech/2008/02/22/laws-go-soft-on-hackers/trackback/
Comments
Report offensive comments to blogsadmin@wsj.com
Thanks for the nod, Ben. Just to be clear: I’m not advocating any particular course of action. It’s simply that history has shown legislation tends to have a disproportionate response when the crime’s easy to commit and has a huge potential impact. And that in this case, it’s consumers’ lack of good security practices that makes their desktops easy targets for hackers.
Capital punishment seems a bit extreme to me, too — I was just looking at history. I agree strongly with Nicholas Carr in The Big Switch, who notes that legal systems often lag entrepreneurs, criminals, pornographers, and other early-adopters of technology and the resulting backlash can often go too far, stifling freedom and innovation.
-
