Cyber Security Damages

Cyber Security Damages

Note: This information about Cyber Security Damages is based on an United States Sentencing Commission report to the Congress on penalties for cyber security offenses. In this case, the content of this section deals with the proposed Amendment by the Commission, in relation to the modifications to §2B1. 1 (Theft, Property Destruction, and Fraud). The proposed amendment further accounts for offenses involving computer systems used to maintain or operate a critical infrastructure and used by or for a government entity in furtherance of the administration of justice, national defense, and national security by expanding the scope of existing enhancements in §2B2. 3 (Trespass), to which violations of 18 U. S. C. § 1030(a)(3) (misdemeanor trespass on a government computer) are referenced, and §2B3. 2 (Extortion by Force or Threat of Injury or Serious Damage), to which violations of 18 U. S. C. § 1030(a)(7) (extortionate demand to damage protected computer) are referenced. In the trespass guideline there is a two level enhancement at §2B2. 3(b)(1) for trespasses that occur on particularly secure or sensitive areas, including a secured government facility, a nuclear energy facility, a vessel or aircraft of the United States, a secured area of an airport, and a residence. The amendment expands the scope of this enhancement so that it will also apply if the trespass occurred on a computer system used to operate or maintain a critical infrastructure or used by or for a government entity in furtherance of the administration of justice, national defense, or national security. Two of the three section 1030(a)(3) cases sentenced in fiscal years 2001 and 2002 under §2B2. 3 involved national defense computers. In the extortion guideline there is a three level enhancement at §2B3. 2(b)(3) for offenses that involved preparation to carry out, or a demonstrated ability to carry out, certain serious types of threats, including threats of death, serious bodily injury, kidnapping, and product tampering. The amendment expands the scope of this enhancement so that it also will apply if an extortionate threat to damage a protected computer involved preparation to carry out, or a demonstrated ability to carry out, a threat to damage a computer system used to maintain or operate a critical infrastructure or used by or for a government entity in furtherance of the administration of justice, national defense, or national security.