The Crime of Computer Hacking
Among the wide range of computer and cyber crimes prosecuted under U.S. federal law, few have received more attention than computer hacking. Computer hacking has likely been prosecuted more often and robustly because it occurs frequently and it is one of the better-understood computer crimes.
The Goals of Computer Hacking
Computer hacking involves any unauthorized or non-consensual accessing of a computer, computer system, or computer network. It is important to know that under federal law, and this broad definition of computer hacking a crime is committed once an individual accesses an account without permission or authority.
However, this unauthorized activity is usually investigated and prosecuted when it involves taking or destroying something of value. Theft of personal information or data, destruction of documents, mining account or financial information, and other financial fraud are among the most common reasons behind computer hacking.
Examples of Computer Hacking
As computer systems and capabilities have evolved, more and more types of computer hacking have drawn the attention of the federal government. Many of the cases that come under investigation are relatively straightforward.
Some examples of the activity that qualifies as computer hacking include:
- Emails sent with malicious attachments or viruses;
- Trimming URLs and other coded information to access paid subscriptions or services;
- Accessing a system to retrieve credit card numbers or bank account information;
- Employee exceeding, allowed use on a computer network or system to view confidential or proprietary information; and
- Gain unauthorized access to a computer database.
Federal Law on Computer Hacking
In general, Congress and the federal government has struggled with passing laws that effectively and robustly tackle cybercrimes. It has been difficult for the government to both understand and specifically address cyber warfare and cyber terrorism, for example.
Computer hacking is one of the rare cybercrimes that is clearly and routinely prosecuted under an early computer crimes statute, the Computer Fraud and Abuse Act (CFAA). In fact, computer hacking is the most common cybercrime investigated under the CFAA.
Crimes Under the Computer Fraud and Abuse Act
The CFAA was passed in 1986 to specifically prevent unauthorized or illegal access to computers and computer networks. While the language in the CFAA can be broadly interpreted to investigate and criminalize cyber crimes such as ransomware and information warfare, activity involving hacking and unauthorized access were the initial targets of the law.
Under the CFAA there are seven separate offenses. The law criminalizes:
- Knowingly accessing a computer without authorization or exceeding authorized access to a computer (or computer network) to obtain information that is determined by the U.S. government or executive order to have importance for national security or foreign relations;
- Knowingly accessing a computer without authorization or exceeding authorized access to obtain information from a financial institution or credit card company, information from a government agency, or information from a protected computer;
- Intentionally accessing a non-public computer belonging to an agency or department of the federal government;
- Knowingly accessing a computer without authority or permission to commit fraud;
- Knowingly transmitting malicious code, program, or information through a protected computer with the specific intent to cause damage;
- Knowingly traffics a password or other information when such actions affect interstate commerce or foreign relations or the computer is used by the U.S. government; or
- Intending to defraud or extort another individual, transmits through interstate commerce or foreign commerce any communication that threatens to damage a protected computer, attack confidential information, or demand to request money or something of value.
Less Used Provision of the CFAA
A far less utilized provision in the CFAA is found in Section 1030(a)(1) of the U.S. Code. The Section provides criminal punishment for obtaining national security information and without the appropriate access, or in excess of, an allowed clearance.
While the application of the statute is narrow in one sense, only applicable to theft or attempted theft of national security information, it can be utilized against domestic and international hackers.
Detection and Investigation of Computer Hacking
As instances of criminal computer hacking have increased in the last 10 years, so have investigations into potential criminal activity and federal offenses. Today, detection and investigation into computer hacking, under the CFAA and more general statutes, are handled by a variety of reporting sources and federal agencies. Individuals involved in potential computer hacking or sophisticated cyber activity should be aware of federal detection at all times.
As well, investigations into criminal computer hacking and cyber crimes are progressing more quickly. The timeframe from detection to federal charges once gave individuals a long time to disguise their location and vanish information, but the timeline is changing. If you are the subject of a federal investigation for computer hacking, now is the time to contact a federal defense lawyer.
How Is Computer Hacking Detected?
Detection is frequently handled by a team of skilled federal agents that are, unsurprisingly, talented computer hackers in their own right. The federal government has a robust recruiting system that seeks out skilled computer hackers, whether involved in building a technology company or committing unauthorized acts and courts them for government positions. Plus, a mid-level analyst with the government can earn upwards of $85,000.
Detection by federal agencies, most notably the Federal Bureau of Investigations (FBI), isn’t just handled by government personnel. The FBI now has a national system of computer forensic laboratories that are designed to catch federal criminals involved in everything from drug trafficking and murder charges to cyber warfare and computer hacking. The digital evidence garnered by these labs is often the crux of an investigation against criminal computer hackers.
Reporting Computer Hacking to the Federal Government
The FBI and other federal agencies also rely on a healthy reporting system to detect and investigate instances of computer hacking. Companies and individuals that are victims of cyber crimes are crucial to the start of an investigation or building a more significant case against a single hacker.
For example, reports of similar cyber schemes or scams against several financial institutions can build a profile for an unidentified hacker. However, the government and investigative agencies need those financial entities to report breaches and attempted hacks to follow the trends and cyber clues.
Local and state law enforcement are also provided unique tools to report computer hacking to the appropriate government agency. A recent reporting tool called The Law Enforcement Cyber Incident Reporting resource is encouraging more reporting on the local level. The involvement of local and state law enforcement in detecting and reporting potential computer hacking puts additional innocent parties at risk of investigation.
Federal Agencies Involved in Investigations into Computer Hacking
- The FBI is the lead on most computer hacking activity in the United States. Individuals and businesses are encouraged by the Department of Justice (DOJ) to report evidence of suspicion of computer hacking to the FBI and the FBI the most cyber tools and manpower to handle a federal investigation. Over time, the FBI’s capabilities to detect and investigate computer hacking have increased, with support from the DOJ and Office of the U.S. Attorney General.
- The Department of Homeland Security (DHS) plays a major role in investigating computer hacking that threatens U.S. institutions, governmental operations, and public safety. The DHS is also responsible for extensive recruitment of technical agents and training new government personnel. These efforts by DHS are leading to more investigations by the U.S. Secret Service into potential computer hacking activity, such as spear phishing and malware.
- The Cyber Crimes Center (C3) is a technological service developed and managed by The U.S. Immigration, and Customs Enforcement Homeland Security Investigations, and C3 is now widely used to investigate possible computer hacking internationally and across state borders. C3 targets specific areas of computer hacking, including cyber economic crime, digital theft of intellectual property, illicit e-commerce activity, and cyber-enabled smuggling.
Conviction of a Federal Crime for Computer Hacking
Simultaneous with federal agencies developing new tools and technology to catch computer hackers, the DOJ is finding new strides for prosecution. Individuals in the United States and internationally are finding themselves the subject of more robust and purposeful indictments, which certainly increases the need for a capable federal defense lawyer.
Criminal Punishment for Conviction of Computer Hacking
Federal criminal charges under the CFAA can either be a misdemeanor or felony, depending on the specific criminal activity. As well, the potential criminal punishment, including the maximum sentence in a federal prison is dependant upon the specific section of the CFAA that is violated.
- Obtaining national security information carries a sentence of 10 to 20 years in prison.
- Unauthorized access of a computer or computer network carries a sentence of 1 to 5 years in prison.
- Trespassing on a government computer carries a sentence of 1 to 10 years in prison.
- Accessing a computer to commit fraud carries a sentence of 5 to 10 years in prison.
- Intentionally damaging a known transmission carries a sentence of 1 to 20 years in prison.
- Recklessly Damaging by Intentional Access carries a sentence of 1 to 20 years in prison.
- Negligently Causing Damage & Loss by Intentional Access carries a sentence of 1 to 10 years in prison.
- Trafficking in passwords carries a sentence of 1 to 10 years in prison.
- Extortion through computers carries a sentence of 5 to 10 years in prison.
In addition to incarceration in federal prison, an individual convicted of federal computer hacking can face a substantial criminal fine.
Other Ramifications When Caught Computer Hacking
Criminal repercussions aren’t the only concern for individuals investigated and charged with federal computer hacking. The stigma of criminal charges can impact future employment, security access and clearance, your reputation, and the ability to obtain a mortgage or other loan. These ramifications of criminal computer hacking can even outlast a term in federal prison.
In particular, individuals charged with computer hacking need immediate assistance to protect their ability to gain future employment. Criminal computer hacking isn’t a resume builder, and simply being charged with the offense can prevent you from working at any major technology company, startup, or cyber-driven business. Charges for cyber crimes can also prevent you from working with any business that contracts or provides services for the federal government, greatly limiting your options in fast-growing areas of the tech industry.
Computer Hacking in the News
While technology is leading the decline in certain federal offenses, it is aiding in the rise of criminal computer hacking in the United States and around the world. Hackers are more sophisticated, using more complex technology, and orchestrating more significant schemes than ever before.
These crimes are also drawing more attention from federal investigators around the country. The FBI and other federal agencies are cracking down on criminal computer hacking, as evidenced by these recent cases in the news.
- 2016 Presidential Election: The most famous incident of computer hacking in 2017 and 2018 is undoubtedly Russia’s meddling in the 2016 elections. In July 2018, the Special Counsel for the Department of Justice indicted 12 Russian intelligence agents for using computer hacking and other cyber crimes to infiltrate and influence the U.S. elections. The range of schemes detailed in the 29-page indictment includes phishing schemes, money laundering, and information warfare against the U.S. election system, political parties, and election boards. The interference through computer hacking resulted in 11 counts of computer hacking or similar charges against the Russian nationals.
- Stealing Trade Secrets: An operation to uncover trade secrets from French and American aviation businesses was uncovered in 2018, and charges formally brought against 10 Chinese nationals in October. The FBI and the DOJ’s accusations against the Chinese stemmed from attempts by the Chinese intelligence officers to steal private data and trade secrets from the American businesses, as the Chinese attempted to develop engines and aviation parts comparable to those produced by unnamed American businesses. While complex and varied, the computer hacking techniques used by the Chinese, including spear phishing, malware, hijacking domains, and compromising registrars, were all carefully and thoroughly uncovered by federal investigators, with the help of some international organizations.
Criminal computer hacking isn’t just an international or foreign concern. There are extensive and ongoing investigations in the United States against U.S. citizens. These investigations result in indictments daily and could lead to years of incarceration.
When You Are Accused of Computer Hacking
Investigation or charges for computer hacking are very severe. Not only are the specific repercussions under the CFAA forceful and robust, but the federal government is uniquely motivated to make an example of computer hackers. There is a substantial push to eliminate computer crimes occurring through unauthorized access. You need to defend against charges for federal computer hacking immediately.
A Strong Defense to Computer Hacking Charges
A strong defense to computer hacking charges starts early. Do not wait for the DOJ to impanel a grand jury and formally charge you with a crime. Instead, your defense to computer hacking charges should begin with an investigation. This is the point in a federal investigation when a federal defense lawyer can stymie the evidence collected by a federal agency and help you collect, protect, and preserve information and evidence valuable to your defense.
As well, the advice and assistance of a federal defense lawyer during the investigation of criminal computer hacking can prevent unintentional and unfortunate information falling into the hands of federal investigators. When you hire a lawyer early in an investigation, you have a resource for answering questions and advice on refusing to cooperate with federal investigators. This is also your opportunity to finalize and ensure you take the appropriate first steps in your defense.
First Steps When Charged with Computer Hacking
- Contact a cyber crimes lawyer: Do not hesitate to speak with a lawyer about charges for computer hacking under the CFAA. Look for a federal defense attorney that has experience and prior success defending cybercrimes and is familiar with the provisions of the CFAA. Keep in mind that not all lawyers have this specific knowledge.
- Audit your online activity: You need to garner as much information as possible about your online activity and exposure to computer hacking laws. You should audit your online activity for a minimum of one year prior to the charges.
- Gain an understanding of the government investigation: If you are heavily involved in cyber activity, you may not immediately identify the activity or actions behind the government’s investigation. Through your defense lawyer, should come to understand exactly why the government is investigating your computer activity.
- Shut down harmful activity: The animosity of the Internet and computer activity can protect your actions for a long time, but if you are under the security of the FBI or other government agency, they are likely to look into all aspects of your cyber activity and computer use.
When in doubt about the amount of information to provide a federal investigator or your obligation to cooperate with a federal investigation into computer hacking, speak with a federal defense lawyer.
Finding a Top Cyber Crimes Lawyer
Prosecution into cyber crimes requires a great deal of experience and technical knowledge on the part of a federal prosecutor. The federal prosecutors that build and argue these cases are well-versed in the specifics of a computer hacking case and fully understand the terminology, capabilities, and advancements of the applicable technology. Often, these federal prosecutors work only on cyber crimes to build their depth of knowledge. Shouldn’t your criminal defense lawyer have the same experience and background?
When it comes to the defense of computer hacking, irrespective of the particular charges against you or alleged activities, you need and deserve a federal defense lawyer that is familiar and knowledgeable of cyber crimes and criminal cyber activity. This knowledge should extend beyond the legal basis for federal computer hacking charges and into an actual understanding of the technologies and level of complexity involved in the charges.