We have all seen it in the movies or on television. The hacker, usually a young man in a dark t-shirt and hooded sweatshirt, sits in front of a computer scene, furiously typing, lines of code streaming by on the screen until the screen blinks and he’s in – he’s hacked into the system!
The real-life hacker may be a young computer protégé or a hardened criminal. Either way, hacking into a commercial database or computer can have serious consequences, including criminal charges.
Hacking involves “breaking into” a computer or computer network without permission. The hacker essentially trespasses into the computer or system.
For more information on trespassing onto property, see Trespassing Penalties.
Like a real-life trespasser, the hacker may be there just to look around or to do some damage. Accessing the computer can be an end in and of itself, or it can be a step in committing a further crime, such as harming or disabling the computer’s programs or stealing information.
Many early hackers were young computer enthusiasts, mostly interested in seeing what they could do, not in criminal activity per se. People still hack computer systems for this reason. However, today there is a whole population of people who hack in order to access confidential or private information, often as part of a scheme to commit some other crime, such as:
People who act with criminal or other malevolent intentions are sometimes referred to as crackers or cyberterrorists. Today, many criminal hackers work overseas and have ties to organized crime. The proliferation of hacking programs (sometimes called Trojan Horse software) that allow people to gain entry to systems through email attachments and pop-up advertisements has made hacking accessible even to people without a lot of specialized training or computer knowledge.
Obviously, any time a person hacks into a computer and steals information and uses it to commit a crime, the person can be prosecuted in state or federal court, likely for one of the crimes listed above. Some laws also specifically target hacking. For example, the federal government has enacted the Computer Fraud and Abuse Act (CFAA). Many states have enacted their own counterparts to the CFAA. Under the CFAA, it is a crime to:
The CFAA also makes it a crime to traffic in computer passwords or threaten to steal information from or cause damage to a computer unless the victim pays money (extortion). (18 U.S.C. §1030.)
For example, the first person to be convicted under the CFAA had released a “worm” (a self-replicating computer program) that ultimately damaged thousands of computers. (United States v. Morris, 928 F.2d 504 (2nd. Cir. 1991).) More recently, computer programmer Aaron Swartz was charged with multiple violations of the CFAA after he logged into MIT’s computer network and downloaded a vast number of academic articles from a research archive without permission. The prosecution ended when Swartz committed suicide, but the case has led to efforts to reform the law.
Convictions for violating the CFAA can result in federal prison terms of up to five or ten years, or longer, as well as fines. The victims of computer hacking can also sue in civil court for damages (money). Punishment varies for violations of state law.
If you are charged with a crime related to hacking, you should talk to a local criminal defense attorney with experience defending such cases. An attorney can tell you what to expect in court and how to best prepare your case. An attorney will be able to help you decide whether you are in a good position to negotiate a plea deal or go to trial, and, if convicted, what sort of sentence is likely to be imposed. Talking to an experienced attorney is the best way to protect your rights and defend yourself.