UK Computer Misuse Act Crib Sheet

What is the Computer Misuse Act 1990?

  • A UK law designed to prevent unauthorized access to computers and data.
  • Covers hacking, cybercrime, and other misuse of IT systems.
  • Criminalizes certain actions to protect individuals, businesses, and governments from cyber threats.

Key Offences

  1. Unauthorized Access (Hacking):

    • Gaining access to someone’s computer system or data without permission.
    • Doesn’t matter if no damage is done—just getting in is illegal.
    • Penalty: Up to 2 years in prison and/or a fine.
  2. Unauthorized Access with Intent to Commit Further Offences:

    • If you hack into a system with plans to commit another crime (fraud, blackmail, etc.).
    • Penalty: Up to 5 years in prison and/or a fine.
  3. Unauthorized Acts with Intent to Impair Operations:

    • This includes using malware, viruses, or denial-of-service attacks (DDoS) to disrupt or damage a system.
    • Penalty: Up to 10 years in prison and/or a fine.
  4. Making, Supplying, or Obtaining Hacking Tools:

    • Creating, distributing, or owning software meant for hacking or illegal activities is also a crime.
    • Penalty: Up to 2 years in prison and/or a fine.

Examples of Illegal Activities

  • Hacking into email or social media accounts.
  • Sending viruses to crash systems or steal information.
  • Phishing for login details or sensitive data.
  • Using DDoS attacks to take down websites or services.
  • Selling or distributing hacking tools like keyloggers or ransomware.

Penalties

  • Fines and prison sentences depending on the severity:
    • Minor: Up to 2 years.
    • Serious: Up to 10 years.

Practical Tips

  • Stay Legal: Get permission before accessing or testing anyone else’s system (penetration testing requires consent).
  • Avoid shady tools: Don’t use or distribute hacking software unless you’re authorized (e.g., ethical hacking with permission).
  • Report incidents: If you’re affected by cybercrime, report it to the police or relevant authorities (Action Fraud in the UK).

Bottom line: Stay out of systems that aren’t yours. No permission? It’s a crime!