EXCLUSIVE: UK's 'outdated' cyberlaws preventing experts infiltrating cybercriminals' networks without THEIR permission must be reformed, campaigners say, as two thirds of Britons back call to update Computer Misuse Act

  • Two thirds of Britons back calls to redraft the 30-year-old Computer Misuse Act as campaigners say it leaves people vulnerable to attack 
  • Currently security experts must ask the permission of hacking and scamming gangs to interrogate their computers or face prosecution 
  • Experts are calling on the government to allow them to do so without first having to ask, as long as it is in the public interest

The UK's cybersecurity laws must be urgently updated to protect the public from hackers, a poll has found.

Two thirds of Britons back calls to redraft the 30-year-old Computer Misuse Act as it leaves people highly vulnerable to attack.

The survey was carried out by the CyberUp campaign, which argues that 'outdated' legislation has failed to keep up with technology.

The UK's cybersecurity laws must be urgently updated to protect the public from hackers, a poll has found. Two thirds of Britons back calls to redraft the 30-year-old Computer Misuse Act as it leaves people highly vulnerable to attack. The survey was carried out by the CyberUp campaign, which argues that ¿outdated¿ legislation has failed to keep up with technology

The UK's cybersecurity laws must be urgently updated to protect the public from hackers, a poll has found. Two thirds of Britons back calls to redraft the 30-year-old Computer Misuse Act as it leaves people highly vulnerable to attack. The survey was carried out by the CyberUp campaign, which argues that 'outdated' legislation has failed to keep up with technology

Currently, security experts must ask the permission of hacking and scamming gangs to interrogate their computers - or else face prosecution.

They are calling on the government to allow them to do so without first having to ask, as long as it is in the public interest.

It is supported by leaders of the UK's multibillion-pound tech industry, several politicians, and the Confederation of British Industry (CBI).

Currently, security experts must ask the permission of hacking and scamming gangs to interrogate their computers - or else face prosecution. They are calling on the government to allow them to do so without first having to ask, as long as it is in the public interest. It is supported by leaders of the UK's multibillion-pound tech industry, several politicians, and the Confederation of British Industry (CBI)

Currently, security experts must ask the permission of hacking and scamming gangs to interrogate their computers - or else face prosecution. They are calling on the government to allow them to do so without first having to ask, as long as it is in the public interest. It is supported by leaders of the UK's multibillion-pound tech industry, several politicians, and the Confederation of British Industry (CBI)

Kat Sommer, head of public affairs at NCC Group, a cyber security company supporting the CyberUp Campaign, said: 'The Act– written in 1990 – didn't foresee the birth of the cyber security profession, and therefore leaves ethical cyber security researchers in the lurch as to whether or not they will be prosecuted simply for doing their jobs. 

'The result is a chilling effect on the cyber security industry, leaving the UK less safe from cyber criminals. It's good to see that the public's instincts confirm what we believe to be indisputable: the time has come for an update to our cyber laws.'

Investigators say the current law makes it illegal for them to infiltrate cybercriminals' networks and then relay information back to the National Cyber Security Centre (NCSC) to take action.

Investigators say the current law makes it illegal for them to infiltrate cybercriminals' networks and then relay information back to the National Cyber Security Centre (NCSC) to take action

Investigators say the current law makes it illegal for them to infiltrate cybercriminals' networks and then relay information back to the National Cyber Security Centre (NCSC) to take action

In its current form, the act blanket prohibits all unauthorised access to computer material, irrespective of intent or motive.

This includes devices used by cybercriminals who are unlikely to permit access – leaving security experts 'having to act with one hand tied behind their back', campaigners argue.

CyberUp has been lobbying for the inclusion of a 'statutory defence' in the Act, so that researchers acting in the public interest can do so free from prosecution.

A survey of 2,093 adults last month found 66 per cent of UK adults backed the change.

CyberUp has been lobbying for the inclusion of a 'statutory defence' in the Act, so that researchers acting in the public interest can do so free from prosecution

CyberUp has been lobbying for the inclusion of a 'statutory defence' in the Act, so that researchers acting in the public interest can do so free from prosecution

It comes after a security chief warned this week that ransomware had become the biggest threat to the UK.

Lindy Cameron, chief executive of the NCSC, said hackers would continue to see ransomware as an 'attractive route' as long as organisations continued to remain unprotected.

Research has found there are around 65,000 attempts to hack into small to medium sized businesses every day.

The Home Secretary has previously said a review of computer misuse laws would help private investigators and police - and increase jail sentences. In May, Priti Patel promised to crack down on fake websites selling compromised details, networked cameras that spy on and harass individuals, and ransomware

The Home Secretary has previously said a review of computer misuse laws would help private investigators and police - and increase jail sentences. In May, Priti Patel promised to crack down on fake websites selling compromised details, networked cameras that spy on and harass individuals, and ransomware

The Home Secretary has previously said a review of computer misuse laws would help private investigators and police - and increase jail sentences.

In May, Priti Patel promised to crack down on fake websites selling compromised details, networked cameras that spy on and harass individuals, and ransomware.

She said: 'It is critical that government has all the right levers to ensure that those who commit criminal acts in cyber space are effectively investigated by law enforcement, and prosecuted.'

What is the Computer Misuse Act?

The Computer Misuse Act protects personal data held by organisations from unauthorised access and modification). The act makes the following illegal:

 Unauthorised access to computer material. This refers to entering a computer system without permission (hacking) 

Unauthorised access to computer materials with intent to commit a further crime.  This refers to entering a computer system to steal data or destroy a device or network (such as planting a virus).

Unauthorised modification of data. This refers to modifying or deleting data, and also covers the introduction of malware or spyware onto a computer (electronic vandalism and theft of information). Making, supplying or obtaining anything which can be used in computer misuse offences.

These four clauses cover a range of offences including hacking, computer fraud, blackmail and viruses. 

Failure to comply with the Computer Misuse Act can lead to fines and potentially imprisonment.

 Source: BBC 

The comments below have not been moderated.

The views expressed in the contents above are those of our users and do not necessarily reflect the views of MailOnline.

We are no longer accepting comments on this article.