Security news5 April 2007
Less than half of IT professionals want McKinnon jailed for hacking crimes Sophos poll reveals IT community split on appropriate sentence
 |
| Supporters of Gary McKinnon on the internet campaigned for him not to be extradited. |
IT security and control firm Sophos has revealed that less than half of IT professionals believe that if found guilty, NASA hacker Gary McKinnon should be sent to a US jail for his crimes.
McKinnon looks set to be extradited to the US to face trial for allegedly hacking into computers belonging to the US Army, US Air Force, Department of Defense and NASA, having lost his appeal to remain in the UK earlier this week. The Sophos poll shows that 48% of respondents feel jail is the most appropriate sentence for McKinnon, should he be found guilty, with 42% suggesting a sentence of community service, and just 10% answering that McKinnon should be fined.
The closely contested poll echoes a previous Sophos survey back in July 2006 regarding whether or not McKinnon should be extradited, which saw a near 50/50 split between respondents - 48% were in favour of extradition, with 52% against.
"The IT community can't seem to agree about what would be an appropriate punishment in this case, quite possibly because it's still unclear about how much damage Gary McKinnon is alleged to have caused, as well as the motivations behind the alleged crime," said Graham Cluley, senior technology consultant at Sophos. "Irrespective of where he is tried, let's hope that if McKinnon is found guilty, it will be based on reliable evidence, and that he will be sentenced appropriately for the offences he is alleged to have committed."
In addition to the new results, Sophos received a wide range of viewpoints from those polled expressing their opinion on McKinnon's plight.
Responses included:
'Breaking into any country's military computers is treason. Isn't treason punishable by death in most countries?'
'We need to set precedence with these criminals and prosecute them to the fullest... I say let him do at least 10 years in prison.'
'The Pentagon should hire this bloke rather than punish him for finding weaknesses in the defence force systems.'
'Some of the potential sentences sound far too extreme, but it doesn't change the fact that hacking into US military computers is an unbelievably stupid thing to do, and always likely to have severe consequences.'
'With the chance of getting caught being slim, the penalty must be so severe that no one in their right mind would run the risk. And lets not stop there. If convicted, they should not be allowed to go back into the business as a white hat hacker. What do I consider a severe penalty? A minimum of 20 years without chance of parole. Life in prison if the hacker is proved to be a botmaster.'
"A strong message needs to be sent out to hackers that their illegal actions will not go unpunished, but appropriate sentences need to be handed out based on the severity of the crimes - some of the system administrators we polled seem to be so sick to the back teeth with hackers that they've said they're keen to have McKinnon executed, which seems something of an over-reaction," continued Cluley. "It's important for computer users to remember that while hacking should never be condoned, there is a difference between oddballs that don't appear to have engaged in hacking activities for financial gain, and hardened criminal gangs who are having an impact on businesses and consumers across the globe."
Sophos recommends companies automatically update their corporate virus protection, and run a consolidated solution to defend against malware, spyware, hackers and spam.
* Sophos online survey, 240 respondents, April 2007.
Disclaimer: Please bear in mind that this poll is not scientific and is provided for information purposes only. Sophos makes no guarantees about the accuracy of the results other than that they reflect the choices of the users who participated.
Free virus scan
- Free virus, spyware, and adware scan
- Test your existing anti-virus protection
- Find threats your anti-virus missed
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.
