A lawyer for a high-profile member of Lizard Squad, the hacking collective responsible for last Christmas’ Xbox and PlayStation attacks, has called for an end to the criminal prosecution of hackers and a greater focus on making companies take responsibility for poor security networks.
Ernest Aduwa of Stokoe Partnership Solicitors, who is representing an unnamed member of Lizard Squad, argued that site takedowns and cybercriminal prosecutions were an unsustainable approach to tackling cybercrime, barely making a dent in the actions of blackhat hackers.
“So called ‘cybercriminals’ are becoming untouchable. The re-emergence of the hacking forum ‘Darkode’ weeks after law enforcement agencies bragged about taking it down is an illustration of this,” said Aduwa.
“More legislation is not the answer. Staffing an under resourced police force is not the solution.”
Aduwa argued that instead of playing the part of the victim, companies who have lost customer data as a result of a cyberattack should be explaining why they haven’t take adequate precautions to protect their users.
“In the cyber world, rather than prosecuting talented young people, Sony, Microsoft, Ashley Madison and companies alike should be explaining why their products and/or services were sold to the public if they are not safe and secure,” he said.
“Of course Sony PlayStation and Xbox gamers were very upset and angry in December 2014, but with each console retailing at several hundreds of pounds and Sony’s net profit more than tripling in second quarter of 2015, surely the public are entitled to a bit more protection.
“The public is very much aware of the threat of cybercrime and deserves a new kite mark from businesses, governments and law enforcement agencies to be reassured that they are safe. It’s not too much to ask. How does Sony explain to consumers that with all their profits they aren’t able to stop a bunch of teenagers from shutting down their networks?”
Aduwa likened such companies to car manufacturers acting like the victim when manufacturing defects resulted in their cars crashing.
“It would be a complete farce to arrest and prosecute the drivers of cars that crashed because of a manufacturing defect,” he said.
“In reality the cars are recalled. Toyota was fined $1.2 billion following a criminal investigation into whether it concealed safety defects from the public. This sent a clear message to the car industry: do not repeat Toyota’s mistake.”
He also drew attention to the role that hacking groups can play in bringing security flaws to the general public’s attention.
“People shouldn’t be criticised for celebrating hacks that expose weaknesses in products or services that will affect the public,” Aduwa added.
“Hacktavist group Anonymous helped shed light on Microsoft’s new Windows 10, which Anonymous says has some disturbing privacy defaults.
“With a celebration in mind, many are taking note that Lizard Squad’s anniversary is soon approaching.”