Jan 202018

Brinkwire reports:

A former Santander bank manager has pleaded guilty to £15,000 worth of computer misuse crimes after her boyfriend talked her into giving him illicitly obtained customer information.

This morning at the City of London Magistrates’ Court in England, Abiola Ajibade, 24, of Martock Court, Consort Road, Southwark, pleaded guilty to “causing a computer to perform a function to secure unauthorised access to a program or data” contrary to section 1 of the Computer Misuse Act 1990.

Her crimes took place over the course of a year, starting in August 2015 when she was aged 22.

Read more on Brinkwire.

Jan 192018

Those of you who are old enough to remember the Rebecca Schaeffer murder may see some similarities in this case.

Jiji Press reports:

A branch of Yokohama District Court on Monday ordered the city of Zushi, Kanagawa Prefecture, to pay ¥1.1 million in damages for leaking information that led to the murder of a 33-year-old woman by a stalker.

The victim, Rie Miyoshi, was stabbed to death at her home in Zushi on Nov. 6, 2012. The stalker, her former boyfriend, obtained her address from the city government through a private detective. The stalker, 40, killed himself at the murder scene immediately after taking her life.

Read more on The Japan News.

Jan 182018

Andrea Kades reports:

Nicosia general hospital has lost 94 patient medical records since 2016 that are nowhere to be found, personal data protection commissioner Irene Loizidou Nicolaidou said on Thursday.

In an interview with the Cyprus News Agency, she said this posed a serious risk and as outlined in the latest audit report for the hospital, three patients had filed a complaint for which the hospital had to pay a €3,000 fine each.

Though the health ministry has been studying creating digital medical records for patients since 2012, nothing has been implemented as of yet, Nicolaidou said.

Read more on Cyprus Mail.

Jan 182018

A hacker who was responsible for thousands of cyber-attacks on firms around the world including Skype and Google has been jailed for two years.

Alex Bessell, 21, from Liverpool, was sentenced at Birmingham Crown Court today (18 January) after admitting to a number of offences under the Computer Misuse Act on 4 December at the same court.

Alex Bessell. Credit: West Midlands Police.

He was also convicted of various other offences, including money laundering, which were linked to the hacks.

As well as the cyber-attacks, Bessell was responsible for creating programmes for sale allowing others across the globe to conduct Distributed Denial of Service (DDoS) attacks and steal data.

Bessell (dob 13.09.1996) pleaded guilty to the following charges at Birmingham Crown Court on 4 December:

  • Two counts of: Doing an unauthorised act or acts with intent to impair, or with recklessness as to impairing the operation of a computer or computers, contrary to section 3 of the Computer Misuse Act 1990;
  • One count of: Unauthorised access with intent, contrary to section 2 of the Computer Misuse Act 1990;
  • Two counts of: Conspiracy to make an article for use in offences under Section 3 of the Computer Misuse Act 1990, contrary to section 1 (1) of the Criminal Law Act 1997;
  • One count of: Entering into or becoming concerned in a money laundering arrangement, contrary to section 328 (1) of the Proceeds of Crime Act 2002;
  • One count of: acquiring criminal property, contrary to section 329 (1) (a) of the Proceeds of Crime Act 2002;
  • Three counts of: conspiracy to make or supply an article for use in offences under section 3 of the Computer Misuse Act 1990, contrary to section 1 (1) of the Criminal Law Act 1997; and
  • One court of: Encouraging or assisting offences, contrary to section 46 of the Serious Crime Act 2007.

When police raided his home, his computer was found to hold 750 names and passwords from infected computers. It also held two programmes which are designed to infect computers and retrieve email, banking and log-in details from a web data form before passing it over the internet to a secure server.

He created an online marketplace and sold both his and others’ malware products which enabled users to spread viruses.

These included remote administration tools, denial of service packages, programmes to bypass anti-virus software and other malicious programmes. He took a cut of the sales and his earnings from cyber-crime exceeded US$50,000.

Bessell’s site advertised 9,077 items and it had 1,000,000 recorded visitors with over 34,000 sales.

He registered the company using a false address to give it a legitimate company status.

Bessell was arrested following an investigation by West Midlands police’s Cyber Regional Organised Crime Unit.

As part of his sentence, he was also given a Serious Crime Prevention Order.

Hannah Sidaway, for the Crown Prosecution Service, said: “Bessell was responsible for the creation, use and distribution of computer malware from 2010 onwards – during which time law enforcement have seen this type of criminality grow at a phenomenal rate.

“His actions enabled others across the world to commit thousands of criminal attacks. Such activity can result in the compromising of personal data, extortion, loss of valuable data or work, loss of custom for businesses and a high cost to rectify the damage sustained.

“Bessell’s arrest and prosecution was a result of a lengthy and complex police operation, which spanned several countries and involved the collection and analysis of detailed data to identify him.  The CPS provided investigative advice to the police at an early stage to ensure a case was built that could lead to his charging and eventual prosecution.”

Source:  Crown Prosecution Service

Jan 182018

Peter Dinham reports:

A majority of Australian IT decision-makers believe reporting of data breaches to regulators will help prevent cyber crime.

Surveyed by global security vendor Palo Alto Networks, 79% of IT decision-makers agreed that reporting breaches to regulators should be mandatory and 69% believed reporting of data breaches to regulators would help prevent cyber crime.

Are 69% being optimistic, naive, or both? We have mandatory disclosure here in the U.S. Have Australian experts noticed that we haven’t seen any decrease in cybercrime since 2005 and thereafter as state laws were implemented?

At first we consoled ourselves, telling ourselves that hey, it takes a few years for laws to have any impact.  But it’s painfully obvious by now that breach disclosure laws do not really help prevent cybercrime. No, no company wants the bad press for a breach or the risk of litigation, but these laws do not do enough to prevent cybercrime.


Read more on iTWire.