Hacking case gets green light

Even since before the advent of the Internet, courts have had to battle with the question of cross-border jurisdiction. That is, whether or not a local court can exercise its power in relation to matters that occurred in another state or country.

Recently, the Commercial Court of the Queen’s Bench Division at the High Court of Justice in Britain has determined that a case involving allegations of cross-border computer hacking from Russia into a computer system in London should proceed to trial and that the High Court of Justice has jurisdiction to hear the matter.

The proceedings in what the High Court of Justice has labelled “bitterly contested litigation” were initiated as a result of allegations that OJSC Russian Aluminium Rusal, a Russian aluminium firm being the third largest aluminium provider in the world, and TadAZ, a Tajikistan company, stole the business of a British company, Ansol, and its UK advisers, Ashton, by assisting Tajikistan in producing aluminium.

Apparently thousands of computers and files were seized for evidentiary purposes; some of those files are confidential or privileged.

The case that was brought before the High Court of Justice alleged that Ashton’s computer system in London had been hacked into from IP addresses used by Rusal in Russia and possibly in Austria.

The allegations also suggested that Rusal had successfully installed a key-logging spyware program called KS.exe onto the Ashton server – probably via a spyware email.

The allegations further suggested that as a result of Ashton’s IT administrator logging on to the spyware-infected computer, and those login details being transmitted to Rusal in Russia, Rusal was able to subsequently log in to the Ashton server and obtain access to confidential and privileged information related to the litigation. Ashton claimed damages/equitable compensation/restitution for breach of confidence, damages for unlawful interference with business, damages for conspiracy by unlawful means, an injunction and further or other relief and costs.

Rusal has denied the allegations that it had been accessing Ashton’s system and has defended the claim by suggesting that its IP address could have been used as a result of a third party accessing its Wi-Fi network, which was unsecured at the relevant times.

The Judge said: “The Defendants may turn out to be right at the end of the day that these attempts were actually by other people who had cloned the MAC numbers, so appearing to be from Rusal when they were not. And it is fair to say that if Rusal were trying to gain access, it was a considerable blunder to leave behind the computer equivalent of a fingerprint.

However, as against that, it is an extraordinary coincidence that, say, a student should happen, whilst using the Rusal Wi-Fi, to gain access to the Ashton server using the administrator’s username and password ... Whatever the position, why should a Russian student have any interest in the Ashton website or go to the considerable trouble to obtain the password? Why should students or other people wish to enter the system repeatedly? By contrast, Rusal undoubtedly had a motive to gain access to the server, although that is a long way from saying that it did so.”

The case has not yet been heard; however, it will be interesting to see the results. It demonstrates the admissibility of IP address evidence and other computer forensics into technology-related trials and the extent to which network security is vital for all organisations.

Disclaimer: This column is for general informational purposes only. It is not legal advice nor is it a substitute for legal advice. Readers should seek legal advice on their own particular circumstances.

Alan Arnott is a technology and telecommunications lawyer with qualifications in computer science and law with Arnotts Lawyers in Sydney. For more information, please visit: www.technologylaw.com.au or www.arnotts.net.au.

finance