Wednesday, June 15, 2005

Student Convicted in Computer Crime Case

A University of Texas student was convicted for computer hacking into his school's system.  A press release for the U.S. Attorney's Office for the Western District of Texas states:

"After deliberating for approximately five hours beginning this afternoon, the jury found that in January, February and April 2002, Phillips attempted to breach the security of hundreds of computer systems including the University of Texas’ web-based computer system. University officials and others detected Phillips’ actions and University officials subsequently warned him not to further attempt to breach any computer security system. On January 30, 2003, Phillips created a new computer program to breach the security of or "hack into" a protected University of Texas computer system that he did not have authorized access to in order to discover the names and social security numbers of individuals in the UT computer system. He subsequently used this computer program to steal over 37,000 names and social security numbers of individuals in the University of Texas computers via the TXCLASS system. In doing this, he caused massive failures that shut down the TXCLASS computer system as well as the UT system’s web-based server and all of its applications. Previously, in 2002, Phillips was successful in stealing approximately 8,000 names and Social Security numbers from the University’s system. As a result of these damages, the University suffered losses of approximately $122,000 and another $60,000 in losses was incurred by UT to warn individuals whose names and social security numbers were stolen by Phillips about potential identity theft."

An article in the Chronicle of Higher Education here (subscription required) paints a somewhat different picture in noting that the student stated,

"It just wasn't in my mind-set that this kind of thing was going to have this sweeping effect. I was just doing my programming."

Mens rea was also an issue in the first appellate reported computer crimes case.  Although not a hacking case, the case of United States v. Morris had the issue of whether the intent element was met when the accused did not intend to cause damage.  The Second Circuit interpreted the statute finding the defendant criminally liable. 

Students need to be made aware of the ramifications of using their computer skills in ways that violate the law.  Perhaps the best punishment that could be issued here would be to have this individual lecture on college campuses on what can happen when you fail to follow the law in using your computer.


Computer Crime | Permalink

TrackBack URL for this entry:

Listed below are links to weblogs that reference Student Convicted in Computer Crime Case: