Magazine article Security Management

Who's Liable for Hack Attacks?

Magazine article Security Management

Who's Liable for Hack Attacks?

Article excerpt

Do owners of computers hijacked and used for illegal purposes bear any legal responsibility for the crimes committed?

A hacker breaks into a university computer and installs a program that will turn it into a 'zombie,' allowing the hacker to use it as a staging point for a distributed denial of service attack against other sites. When the attack is launched, the targets are forced to shut down for hours, potentially costing them hundreds of millions of dollars. Months later, the hacker is arrested. But do the owners of the computers used to launch the attack bear any legal responsibility for the damage to the victims?

"I could easily foresee those suits being brought," says Todd H. Flaming, a partner with Schopf & Weiss and an adjunct professor of cyberspace law. He believes that the most likely lawsuit will be a negligence action, which will raise many legal questions.

"Negligence tends to be 'A owed a duty to B and then breached that duty, and as a result of the breach, B was damaged,'" he says. "But to find a duty to a third party in a denial of service attack, somebody to whom there is no obligation, the question is, is there a duty of due care to protect your systems from hackers? …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.