WeLeakInfo - 21 arrested for cybercrime offences

In December 2020, the National Crime Agency (NCA) arrested 21 people across the UK identified as customers of an online criminal marketplace that sold personal information stolen from data breaches.

The website, WeLeakInfo, was taken down in January 2020 for selling stolen credentials from over 10,000 data breaches.

The NCA states that the site was used by cyber criminals to access and download people’s data to use for their own personal gain, for example, to launch further cyber-attacks or commit fraud.

Of the 21 people arrested in the UK, nine were detained on suspicion of Computer Misuse Act offences, nine for fraud offences, and three for both.

The NCA also seized over £41,000 in bitcoin and three of the suspects were in possession of, or involved with, indecent images of children.

A further 69 people were visited by Cyber Prevent Officers and warned about taking part in potentially criminal liability – 60 of these people were served with cease and desist notices.

What is cybercrime?

In its basic form, cybercrime is criminal activity that uses technology to target people and computers. There are many different kinds of cyber threats, such as:

  • Hacking – such as obtaining someone’s social media or email passwords
  • Phishing – sending scam emails asking for personal details and security information
  • Pharming – cloning websites to ‘pharm’ personal information
  • Malicious software (malware) – such as ransomware to steal or hijack files and hold them to ransom
  • Distributed denial of service (DDOS) attacks against websites

Cybercrime is wide-ranging, from buying stolen data ‘off the shelf’ to carrying out the cyber-attacks and theft of information itself.

The actual act of cybercrime can be illegal in itself. The proceeds of cybercrime can also be used to commit further cybercrimes or other offences, such as fraud.

Computer Misuse Act offences

The Computer Misuse Act 1990 criminalises acts of cybercrime, including:

  • Unauthorised access to computer material.
  • Unauthorised access with intent to commit or facilitate commission of further offences (for example, unauthorised access with the intention of committing theft by diverting funds to the cyber criminal’s own bank account).
  • Unauthorised acts with intent to impair, or with recklessness as to impairing the operation of a computer.
  • Unauthorised acts causing, or creating risk of, serious damage (such as damage to critical national infrastructure).
  • Making, supplying or obtaining articles for use in offences under other sections of the Computer Misuse Act (intended to target the market in electronic malware or ‘hacker tools’ designed to break into or compromise computer systems).

Fraud offences

A cybercrime suspect may be charged under the Fraud Act 2006 where there is evidence that the suspect intended to commit fraud or did commit fraud.

For example, phishing, pharming and installation of viruses could all be prosecuted under the Fraud Act.

Data protection laws

Under the Data Protection Act 2018, there are a number of cybercrime offences which relate to the control and access of data, such as:

  • The offence of deliberately or recklessly obtaining, disclosing, procuring and retaining personal data without the consent of the data controller.
  • Knowingly or recklessly re-identifying information that has been de-identified without the consent of the data controller who de-identified the date.

How do the authorities deal with cybercrime offences?

The NCA states that cybercrime is a global threat with cyber criminals and the technical infrastructure used to commit crimes often being based overseas. For example, the WeLeakInfo crackdown has been the product of a coordinated cross-country operation. The WeLeakInfo website itself was shut down by the US Department of Justice.

So, investigations into cybercrime tend to be extremely thorough, involving multiple authorities, including the police, regional organised crime units and international law enforcement partners. These authorities all share intelligence and coordinate action.

A standard investigation tends to involve a range of techniques to identify the people allegedly behind the cybercrime, including:

  • Obtaining information from Internet Service Providers (ISPs)
  • Instructing digital forensics experts to examine data, including raw data, hard drives and caching devices
  • Analysing evidence, including tracking digital fingerprints in system files and network logs

Given the complexity of the techniques and evidence involved, if you are accused of cybercrime, instructing an expert criminal defence solicitor who understands the technical issues is absolutely essential.

What to do if you are served with a cease and desist notice

The authorities, in particular the NCA, often serve cease and desist notices to young people who are becoming involved in cybercrime. The intention is to encourage young people to use their technology skills for legal purposes instead of cybercrime.

If you are served with a cease and desist notice (for example, because you purchased ‘hacker tools’) then you have been identified as potentially being involved in cybercrime, usually as part of a wider criminal investigation.

You should immediately stop the activities stated in the cease and desist letter. Continuing with the activities could result in further investigation and potentially criminal prosecution.

It is also important to seek legal advice if you are concerned about being implicated in cybercrime.

What to do if you have been arrested for or charged with a cybercrime offence

If you or someone you know is facing criminal prosecution for cybercrime, get in touch with our dedicated team of cybercrime solicitors as soon as possible.

We are a leading firm of criminal defence solicitors based in Bournemouth, Dorset. Our skilled lawyers regularly travel across the region to support people who have been arrested or to represent people in court. We can assist with a wide range of cybercrime offences, including Computer Misuse offences and fraud offences. We are also skilled at handling confiscation proceedings under the Proceeds of Crime Act 2002 (PoCA).

Our team are here to help you fight the accusations against your name and to get your life back on track as soon as possible.

Get in touch with our cybercrime solicitors in Bournemouth, Dorset

For immediate help and representation, please call 01202 552777 or use our simple online enquiry form and a member of our team will be in touch shortly.