Back to: CRIMINAL LAW
Next Chapter: CIVIL LITIGATION
What is a “Cyber Crime”?
Federal law provides that a person who intentionally accesses a computer without authorization or exceeds authorized access to obtain classified, restricted, or protected data, or attempts to do so, is subject to criminal prosecution.
- Example: Types of cybercriminal conduct include: hacking, cyber terrorism, destruction of data, unlawful appropriation of data or services.
Discussion: Do you think it should be a crime for individuals like Edward Snowden to disclose governmental data? Do you think it should be a crime to access the back-end database on someone’s private website? At the opposite end of the spectrum, if someone walks away from a public computer and fails to log out of her email account, do you think it should be criminal to read that person’s emails? What if you were to send an email (even as a joke) from that person’s email account?
- Some would argue that Snowden is a criminal and deserving of punishment. Others would say that Snowden’s conduct was patriotic in that it disclosed to the public a litany of questionable government conduct. Most believe that hacking a website is and should be illegal. Others may not see the seriousness of snooping on someone else’s account if left open on a computer. Many would not realize that accessing this information is criminal, whether there is any nefarious conduct. It begs the question of whether there should be a specific intent element behind these types of conduct.
Practice Question: Clarence has his own business website that he hosts on a personal server. He manages the site personally with WordPress. Alice is aware of Clarence’s website setup and wants to play a joke on him. She guesses his password and logs into his website server. She then changes the title to read, “Alice is Amazing”. Clarence is outraged by Alice’s joke. Has Alice committed a crime?
- Alice could be guilty of committing cyber-crimes against Clarence because she, without Clarence’s consent, changed the website’s password and title to suit her silly intentions. Cyber-crime is any criminal activity that involves a computer, networked device or a network. While most cyber-crimes are carried out in order to generate profit for the cyber criminals, some cyber-crimes are carried out against computers or devices directly to damage or disable them, while others use computers or networks to spread malware, illegal information, images or other materials. Here are common types of attacks cybercriminals have been known to use:
- Distributed DoS attacks-which are often used to shut down systems and networks.
- Infecting systems and networks with malware which is used to damage the system or harm users by damaging the system, software or data stored on the system.
- Phishing campaigns are used to infiltrate corporate networks by sending fraudulent emails to users in an organization, enticing them to download attachments or click on links that then spread viruses or malware to their systems and through their systems to their company’s network.
- Credentials attacks, where the cybercriminal aims to steal or guess user IDs and passwords for the victim’s systems or personal accounts, can be carried out through the use of brute force attacks by installing key sniffer software or by exploiting vulnerabilities in software or hardware that can expose the victim’s credentials.
- Cybercriminals may also attempt to hijack a website to change or delete content or to access or modify databases without authorization.
Halder, Debarati and Jaishankar, Karuppannan, Celebrities and Cyber Crimes: An Analysis of The Victimization of Female Film Stars on the Internet (December 31, 2016). Available at SSRN: https://ssrn.com/abstract=3049543 or http://dx.doi.org/10.2139/ssrn.3049543
Smith, Katherine Taken and Smith, Murphy and Smith, Jacob Lawrence, Case Studies of Cybercrime and its Impact on Marketing Activity and Shareholder Value (December 13, 2010). Academy of Marketing Studies Journal, 2011. Available at SSRN: https://ssrn.com/abstract=1724815
Johnson, James A., Cyber-Crime Liability and Insurance (July 18, 2018). State Bar of Michigan Insurance and Indemnity Law Section, Volume 11 Number 3, July 2018. Available at SSRN: https://ssrn.com/abstract=3226978
Chowbe, Vijaykumar Shrikrushna, An Introduction to Cyber Crime: General Considerations (February 21, 2011). Available at SSRN: https://ssrn.com/abstract=1766234 or http://dx.doi.org/10.2139/ssrn.1766234
Johnson, James A., Cyber Crime Liability and Insurance (March 13, 2017). The State Bar of Michigan- The Mentor- Winter 2017. Available at SSRN: https://ssrn.com/abstract=3036526