Nearly two thirds of UK workers don’t realise hacking is a criminal offence

Hacking into emails and social media accounts is not considered a criminal offence by nearly two thirds of UK workers, accordingly to the latest research polling from Centrify, the zero-trust cybersecurity company

by Patrick Sullivan, Political Editor on 4 November 2019 11:41

A staggering 63 per cent of British workers do not realise that unauthorised access to an email account without the owner’s permission is a criminal offence, according to a new study from Centrify, a leading cyber security company.

The survey of 2,000 fulltime UK workers in professional services, conducted by independent survey company Censuswide, also found that one in 20 workers have admitted to logging into their friend’s Facebook without permission. A further one in 25 admit to having hacked-in to a colleague’s email account without permission.

This news comes just a few months prior to the 30-year anniversary of the Computer Misuse Act – a piece of law that deals with the crime of accessing or modifying data stored on a computer without authorisation to do so. As it stands, the lowest-level of penalty if you are found guilty of gaining access to a computer without permission is up to two-years in prison and a £5,000 fine.

Last year Conservative MP Kemi Badenoch admitted in an interview that she hacked Labour rival Harriet Harman’s website in 2008, apparently unaware of the seriousness of breaching the Computer Misuse Act, causing widespread outrage. Rather worryingly, 69 per cent of those surveyed revealed that they do not have confidence in their security processes when it comes to protecting their data. As a result, almost two-thirds (63 per cent) of workers refuse to change their passwords when prompted to by an app or their company.

At the same time, 27 per cent use the same password for multiple accounts, putting both their personal life and their professional security at risk. The survey also revealed that 14 per cent do not use multi-factor authentication for apps or services unless forced to do so, and 14 per cent keep their passwords in a note book or on their desk – putting their companies’ data at risk of hackers or even colleagues with malicious intent.

Andy Heather, VP, Centrify warns, “Cyber attacks can have a devastating impact on a company or individual and it is important that workers understand how seriously instances of unauthorised access to someone else’s computer will be taken.

“The Computer Misuse Act does not discriminate between hackers with malicious intent and employees who do not know the law. Would the one in every 20 employees who have admitted to hacking done so if they realised the risks that are presented to their company, and the actions which could be taken against them were they caught?”

“At the same time, workers must ensure that they take the necessary precautions in ensuring that their own passwords can not be guessed, stolen or obtained by any of their peers, and organisations must adopt a zero-trust approach to further reduce the risk of malicious parties taking advantage."

blog comments powered by Disqus