Sign up to our newsletter
The latest security news direct to your inbox
The Obama administration seems intent on pushing for stiffer sentences for hackers caught endangering national security to 20 years prison time, doubling the current sentence. A stiff penalty, to be sure, the latest in a series of volleys from D.C. to curb the flurry of recent high-profile attacks and restore confidence in the U.S. Government’s ability to stop cybernastiness in its tracks using the long arm of the law.
What this means for enterprising hackers is unclear, especially due to the global and distributed nature of modern hacking attempts. Certainly U.S. Government seem anxious to net a high profile U.S.-based hack as a poster child for the effort, and are hoping that day comes soon.
Last month the Obama administration crafted the legislation and started pushing it toward Congress. In a recent blog, I wrote about the Pentagon upping the ante to those attempting to hack critical infrastructure, authorizing traditional military force, if needed. Now it seems to be coming from the top of Capitol Hill itself.
Meanwhile, large distributed attacks are getting more and more speedy, stealthy and pervasive. It seems like the casual mom’s basement hacking days are fading, now we see big organized businesses wade into the waters, often through proxy hacking groups compensated to hit specific targets of interest.
Since there is a thriving underground market for buyers and sellers of cybernastiness, it seems more difficult than ever to find out the true source of the initiative, rather than the rent-a-hacker they might manage to cuff. Also, those most likely to get caught will be either the less sophisticated or unlucky (or both), not the large, sophisticated hacking organizations as hoped. In either case, a “smoking keyboard” at the scene of the crime is a tricky thing to find legally and prosecute under current U.S. law, especially one that may include vectors outside U.S. jurisdiction. Still, the White House hopes it will have a cooling effect on aspiring hackers, especially if it manages to retain its “teeth” after it makes the circuitous journey through Congress. With the bevy of legislation being proposed from various angles, it seems SOME new laws will be in effect sooner rather than later, then we can see whether the initiatives are actually effective.
Author Cameron Camp, ESET