BBC Buys Botnet

In an effort to demonstrate the dangers they pose to PCs, the BBC has purchased a botnet  of 22,000 zombie computers. It’s Click program explained that it was used to spam the BBC’s own email accounts as well as carry out a DDoS attack. It then shut the botnet down and sent emails to the infected computers letting them know they were infected and how to prevent any further infections. Click said they were able to buy the botnet through an internet chat room.

While their intentions were obviously to educate rather than harm or profit, the BBC may actually be as guilty of breaking the law as the cybercrooks they were trying to protect people from. One law firm claims they are in violation of the Computer Misuse Act:

          “It does not matter that the e-mails were sent to the BBC’s own accounts and criminal intent is not necessary to establish an offence of unauthorized access to a computer,” said Struan Robertson, a technology lawyer with Pinsent Masons.

“The Act requires that a computer has been made to perform a function with intent to secure access to any program or data on the computer. Using the botnet to send an e-mail is likely to satisfy that requirement,” he wrote. “It also requires that the access is unauthorized–which the BBC appears to acknowledge.”

However the BBC need not worry since the chances of them being prosecuted is low. What do you think about their experiment? Was it helpful or did they simply stoop to the level of the scammers they were trying to expose? Leave a comment and let us know what you think!