Distributed Denial of Service Attacks: Against the Law?

A computer hacker’s favourite weapon is the distributed denial of service attacks. These can deliver against websites by allowing users who open their browsers to allow a program to distribute multiple requests to target servers to break them down. Arrests have been made against computer users who have participated in distributed denial of service attacks or DDoS. However, is this really punishable by law?

Under the Computer Misuse Act of 1990, particularly section 3, states that any unauthorised act with intent to impair or damage computer operations of individuals is considered an offense. If the computer user has knowledge that his or her actions are unauthorised, authorities can arrest him or her for the offense.

The computer user is punishable if they have the intent to damage or impair the operation of the computer, hinder its access to any program or data in the computer and hinder its operations. Recklessness or mens rea in a criminal case means that the computer user knows the presence of a risk with their actions and that in all cases, taking the risk is actually unreasonable for the computer user’s end.

Any person guilty of violating the Computer Misuse Act of 1990 is subject to a summary conviction in England and Wales, can be imprisoned for 12 months or to a fine, or both. The maximum imprisonment they could serve is ten years, with or without fine.