Cyber crime lawyer

Computer Intrusion Defense

With the expansion of the internet, wired and wireless networks, PCs, smartphones and tablets, chances for PC based crime are growing, and law enforcement is expanding resources to these cases. A cyber crime is a crime where a computer is used to commit an offense or is itself the object of the crime. Stated differently, a cyber crime is criminal activity that involves the use of a computer, servers, and the internet. A cyber criminal can perpetrate crimes from anywhere in the world.

There are several Federal statutes that apply to cyber crime cases.

The Computer Fraud and Abuse Act, 18 USC 1030 (CFAA),

is an amendment made in 1986 to the Counterfeit Access Device and Abuse Act that was passed in 1984, which criminalizes many activities done after intentionally accessing a computer without authorization or by exceeding authorized access. In 1996 the CFAA was, again, broadened by an amendment that replaced the term “category of “federal interest” computers with the new category of “protected computers.” The new category simply requires a machine used in interstate commerce as opposed to the former, which required computers used in two or more states. Cybercrime takes many forms, such as:

Obtaining National Security Information;

Computer Intrusion and Obtaining Information;

Malware & phishing offences;

Trespassing in a Government Computer;

Cloning investigations;

Computer Intrusion to Defraud and Obtain Value;

Computer damaging;

Hacking;

Spreading viruses;

Identify theft;

Bootlegging and tripping;

Trafficking in Passwords;

Threatening to damage a Computer;

Internet Fraud, Online Fraud, Email Fraud.

Cyber crimes are growing rapidly as internet use spread out over the time. The penalties for a violation of the CFAA range from 1 to 10 years in jail, and even up to 20 years for certain repeated violations.

In addition, Federal indictments often charge computer crimes under the CFAA along with Wire Fraud, Identity Theft, and Money Laundering.

Virtually every cyber crime investigation is conducted by the FBI, which is known for enlisting the best cyber crime experts. A Cyber Division at FBI Headquarters with especially trained cyber squads, protects against investigate computer intrusions, theft of intellectual property and personal information, child pornography and exploitation, and online fraud. In all cyber crime cases, the evidence collected by the FBI generally consists of hundreds of Gigabytes (if not Terabytes) of electronic files, forensic data and reports. Winning a Federal trial is almost impossible, given the fact that the federal government has virtually unlimited resources. Social media are also a perfect hunting ground for cyber crime, and increasingly people have noticed that their friend may not actually be their friend.

The Federal Court conviction rate was 99.8% in U.S. federal courts in 2015 (guilty pleas and trials): 126,802 convictions and 258 acquittals.

In theory, the Sixth Amendment provides that in all criminal prosecutions, the accused shall enjoy the right to a speedy and public trial, by an impartial jury. In practice, only 1.6% of federal court defendants whose case was adjudicated had a jury trial in 2015.

The reason is straightforward: only 258 of the 3,024 defendants who went to trial in 2015 were acquitted. With less than 1 out of 12 chances of acquittal, it is a shaky roll of the dice for a federal criminal defendant to go to trial.

Accused of Computer Intrusion or Other Cyber Crime?

If you are accused of any Computer Intrusion crime under the CFAA, you should seek representation from a cyber crime lawyer with proven computer skills and trial experience.

With such incredibly high Federal conviction rates, very few cyber crime lawyers can say to have ever represented an alleged cyber criminal at trial. I am not aware of anyone that was acquitted in a jury trial of Computer Fraud and Abuse Act charges (but please email me if you know of anyone).

Botnet Defense Lawyer

A botnet (short for “robot network”) is a collection of internet-connected devices, which may include PC or mobile devices that are under the control of a single attacking party, known as the “bot-herder”. A bot is an individual machine under the control of the bot-herder.

If you are facing with the prospect of years in prison, a ruined reputation and career, and life with a criminal record only an experienced attorney has the ability to carry out an effective defense strategy for your unique case. Common botnet actions include:

1. Spam: It is an e-mail message for false information, infectious malware, and/or phishing messages, sometimes disguised as a message from people or companies we know. The U.S. Department of Justice calls spam “unsolicited commercial email”.

2. Financial breach: Equifax, one of the three largest credit agencies which gathers information on over 800 million individual consumers and more than 88 million businesses worldwide, has recently pointed out that a giant cybersecurity breach compromised the personal information of as many as 143 million Americans, almost half the country. Financial botnets, like the ZeuS botnet, have been responsible for attacks involving millions of dollars stolen directly from multiple enterprises over very short periods of time. ZeuS was first detected in 2007 and is still one of the most successful and prolific banking trojans in the world.

3. Distributed Denial of Service (DDoS) attack: DDoS is an attempt to make an online service unavailable by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.

4. Targeted intrusions: these small botnets endanger specific high-value systems of organizations or specific government agencies, seeking to gain access to the sensitive information they hold.

Click Fraud

Click fraud takes place on the pay-per-click (PPC) internet advertising. In this common kind of advertising, the owners of websites that post banners ads are paid on the basis of how many visitors to the sites click on the ads. Search engine advertising is one of the most popular forms of PPC. Click fraud takes place when someone, through the use of an automated script, robots, a botnet, or other software, generates clicks on such a banner to increase the payable number of clicks to the advertiser, and without having actual interest in the target of the banner’s link.

Click fraud is usually driven by one of two incentives:

Advertisers try to boycott their competitors by boosting up their costs and meeting their budget caps early on in the day;

Ad publishers click on the ads displayed on their own sites to produce more income for themselves.

The Click Fraud Criminal Trial

Click fraud has been around since Google AdWords launched back in the early 2000’s, and click fraud schemes have become increasingly more sophisticated over the years.

While the government has secured dozens of guilty pleas related to click fraud, none of these cases was ever tried in a Federal Court until the case against Fabio Gasperini. A five-count indictment had charged Gasperini with setting up and operating a worldwide botnet of more than 140,000 computers to carry out a click-fraud and money laundering scheme. Read the indictment

I represented Fabio Gasperini in the first ever “click fraud” trial. The case was being closely watched by cybersecurity experts who say it was the first trial to test the government’s ability to tie individuals to complex cybercrimes. If convicted of Wire Fraud, Computer Intrusion, and Money Laundering as charged in the indictment, Gasperini faced up to 70 years in jail.

During the two-week trial, the government called over 20 witnesses, including the Director of the Internet Storm Center, FBI Computer Scientists, and foreign law enforcement authorities. I extensively cross-examined all the expert witnesses for the government, pointing out all the flows of their testimony and forensic analysis. Read my cross-examination of the government’s leading witness.

After 2 days of deliberations, the jury returned a not guilty verdict on all the felony counts of the indictment. Read the verdict sheet. Gasperini was convicted of a single misdemeanor count of Computer Intrusion under 18 USC 1030(a)(2) and sentenced to 1 year in prison, the maximum statutory term. At the time of the verdict, Gasperini had already served more than 1 year in pre-trial detention (mostly while fighting extradition to the U.S.), so the impact of the conviction was minimal.

Has any other cyber crime lawyer beat cyber crime felony charges at trial?

The case is not over yet, as Gasperini has appealed his misdemeanor conviction to the U.S. Court of Appeals for the Second Circuit (case number 17-2479).

Contact a cyber crime lawyer if you have been accused of hacking.