This is an interesting story that first appeared on NY Times. An (alleged) hacker from the Ukraine apparently got insider information on a company, IMS Health. In one day he managed to clear $296,456 USD. The money was seized and the SEC took notice.
Now, this is where it gets interesting.
From VNUnet.com:
“Dorozhko did not breach any fiduciary or similar duty ‘in connection with’ the purchase or sale of a security.”
While the judge acknowledged the absurdity of the situation she said that the only way to proceed was for a hacking prosecution against Dorozhko.
But the US Department of Justice has already refused to do this on the ground that obtaining a prosecution in the Ukraine would be too difficult.
The SEC still maintains that the information was obtained by deception, but from a computer system and not a human being.
Dorozhko’s lawyer is fighting this assertion, however. “They want you to believe that there is a deception of a computer,” he said. “All there is is a high-tech lock pick.”
Short answer…he may get to keep the money after all. Could this signal a shift in computer attacks if the DOJ is unwilling to prosecute monetarily small hacking incidents? The beginning of financial windfall by a thousand hacks?
[tags]Oleksandr Dorozhko, Ukranian Hacker, Ukranian Hack, IMS Health[/tags]