Bad raps for non-hacks

Monday, 16 June 2003, 5:15 PM EST

Some recent (and not so recent) cases illustrate how computer security professionals and well intentioned whistle-blowers face a genuine risk of running afoul of computer crime statutes simply for forgetting to ask the right person, "May I?," before doing a computer security assessment.

Take the case of Scott Moulten, a computer security professional in Georgia. He was the principal person responsible for computer security (through a private company) for a county in Georgia. The county worked with various cities coordinating and providing 911 Emergency Response Services. When one city wanted to hook up to the county's 911 network, Moulten performed a port scan and throughput test on that city's network to see if the computers were vulnerable to exploit.

Of course, they were. Moulten wisely went no further, and never attempted to penetrate any of the computers he scanned, and the city eventually plugged the holes.

Did the city award him a medal? A raise? A new contract? No... they promptly contacted the Georgia Bureau of Investigation, which searched and seized his computer and arrested him for violating the Georgia computer crime laws.

[ Read more ]




Spotlight

Compromised cPanel "Account Suspended" pages redirect to exploit kit

The code redirects visitors to another URL where the Fiesta exploit kit is hosted, which then tries to detect and exploit several vulnerabilities in various software. If it succeeds, the visitors are saddled with a banking Trojan.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Feb 27th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //