Firewall Wizards mailing list archives
Re: Executives liable for computer crime? (update)
From: Henry Hertz Hobbit <hhhobbit () cs weber edu>
Date: Thu, 27 Aug 1998 01:11:53 -0600 (MDT)
On Tue, 25 Aug 1998, Wood, Tom D wrote:
To all,
<snip>
I don't feel comfortable re-publishing without permission someone else's work, but I will paraphrase it enough to get the point across. BTW, the site it came from originally is a *very* well known maker of Token based authentication systems, you can use your own imagination from there <g>. It starts out revealing a new Federal regulation (1991) aimed at white collar crime that has implications for CEO's, IS mgr's and "other senior management". It then goes on to state that the reg holds the CEO and senior management responsible for crime involving their organization. Even if the crime was obviously a downstream attack using your network as a launchpad, your on the hook for up to $290 million in damages and possible corporate probation.
I believe this was the law that was passed a few years after Morris released the worm (accidentally?). It is one of those "we will show them how tough we can get kind of thing to make sure if they claimed it wasn't them, if enough evidence showed they really were the originators (somebody at that site) they couldn't weasel off. As far as I know, there have been NO prosecutions of sites that were compromised by somebody else being prosecuted. It is my opinion that if it was, it would be like the "no indecent material" through schools law several years back. The Attorney General was even stupid enough that when that law was struck down by a Federal court that it was appealed to the Supreme court which affirmed the earlier Federal court ruling. In other words, if you are an innocent victim and somebody used your compromised network, the likelihood of you being prosecuted (should we go for "doubly persecuted" instead?) isn't very likely. Just my 0.02 worth... HHH
Current thread:
- Executives liable for computer crime? (update) Wood, Tom D (Aug 26)
- Re: Executives liable for computer crime? (update) Dean Michaels (Aug 27)
- Re: Executives liable for computer crime? (update) Henry Hertz Hobbit (Aug 27)
- <Possible follow-ups>
- Re: Executives liable for computer crime? (update) Rick Smith (Aug 27)