The Computer Misuse Act 1990 is a UK law. As such there needs to be a link to the UK for this law to be applied. Section 4 of the CMA details the “Territorial scope of offences under this Act” and can be found at the address below:

https://www.legislation.gov.uk/ukpga/1990/18

This section states that there must be a significant link to domestic jurisdiction. This means that one of the following typically needs to be true:

· The attack had to originate in the UK

· The victim had to be located in the UK

· UK based equipment was used as part of the attack

‍