Does Justice Department prosecute denial of service attacks?

[Declan McCullagh <declan () well com>]

---

Date: Thu, 25 Sep 2003 22:33:51 -0700 (PDT)
From: Bob Kirkpatrick <bobk () dogear com>
To: Declan McCullagh <declan () well com>
Subject: Re: [Politech] Monkeys.com anti-spam blacklist shuttered by online
 attack [sp]
In-Reply-To: <6.0.0.22.2.20030926003711.02239cd0 () mail well com>

Hi Declan:

Working with an ISP that uses our consulting services, they came under DoS
attack and had their operations significantly hapmpered for two days
before a successful defense was built. With effort and cooperation from a
number of ISPs, the perpetrator was tracked down and identified. The
hacker's ISP provided complete monitoring and logs that, when matched to
our customers logs confirmed the guilt.

All of the investigation done, they contacted the FBI. Agents came and
interviewed everyone -including the 17 year old perpetrator and concluded
that the guy had committed a series of felonies. The US Attorney refused
to prosecute the case, and sent policy through the apologetic Agent, that
only cases that involved physical harm to a being or physical harm of
equipment valued at $25,000 or greater. All others would not be
prosecuted, and since a loss of service, damage to customers, and the
collateral damages to an ISP did not constitute damages sufficient to meet
the standard.

The only charge available under Ohio law was Violation of Privacy, a
misdemeanor with an extremely low fine. The hacker was never prosecuted.

I suspect that with the current attitudes of law enforcement towards
electronic crimes, that it's pretty much open season for the black hats.
_______________________________________________
Politech mailing list
Archived at http://www.politechbot.com/
Moderated by Declan McCullagh (http://www.mccullagh.org/)