Security

Ethical hacker may get 8 years in prison for reporting flaws in Magyar Telekom

Hungary’s Prosecution Service has accused an ethical hacker and computer specialist of infiltrating the Magyar Telekom database. The office found him involved in a crime that disrupted the operations of a “public utility” thereby attempting to endanger the society.

Reportedly, the hacker identified serious vulnerabilities in Magyar Telekom and reported them to the company. He was arrested for that and is now facing a sentence of several years in prison.

The Hungarian Civil Liberties Union (HCLU), human rights NGO, is defending the hacker and claims that the indictment file isn’t complete. On the other hand, the statement from the NGO was rejected by the Jász-Nagykun-Szolnok County Prosecutor’s Office.

See: “Good hackers” took over a billboard to send security warning

Magyar Telekom is a prominent telecommunications company in Hungary. The company complained against the hacker, who reported them about a vulnerability in the company’s systems in April 2018. The hacker proposed the idea of cooperating with the company in dealing with the situation when he was called for a meeting but this collaboration was never materialized.

The hacker continued to investigate the company’s networks. Later in May, the hacker identified another vulnerability, which he explained can be used to access the public and retail mobile and data traffic if exploited and can also help in monitoring T-Systems’ servers.

That day, Magyar Telekom filed a complaint about an unknown attacker probing their system, which eventually led to his arrest. The trial commenced this week and the Prosecutor’s Office is seeking a prison sentence. The HCLU, however, alleges that since the indictment files aren’t complete because these lack the time and place of the event and it isn’t clear what actually happened and what the accused did to the systems of the company.

Another strange fact is that the Prosecutor’s Office has offered the accused a rather unexpected and unusual plea bargain, according to which if he pleads guilty the court will suspend his sentence for two years and if he doesn’t then he might be facing five years in prison.

See: 10-year-old Kid Hacks Instagram, Gets $10,000 Reward from Facebook

The accused refused to plead guilty and rejected the plea bargain offer, after which the Prosecutor’s office changed the details of his crime in the indictment with that of causing disruption to a public utility’s operations with his actions. He is now facing up to eight years in prison.

“The hacker, beyond the limits of ethical hacking, launched new attacks after the first attack, and began to crack additional systems with the data he had acquired so far,” the company told Napi.hu.

The HCLU maintains that ethical hackers cannot be held responsible for identifying vulnerabilities because they are working for the welfare of the society. However, the Prosecutor’s Office claims that the accused crossed the line and his actions threatened the society, so, he should face the consequences under criminal law.

Comment here