ITEC336 Final Exam: Legal Case
Introduction
In cybercrime, fugitives gain access to information using unauthorized means, which always involves a specific motive. While one person may steal sensitive information such as credit card numbers or manipulating other essential sections of financial systems for financial gain. On the other hand, others do it to prove themselves to other hackers, public attention, or just sabotage. The discussion provides an overview of a legal case on a computing case, denial of service attack which was presented before a court jurisdiction. More specifically, the case involves a denial of service attack on a city and the police department in Akron.
The case study revolves around James Robinson, who pleaded guilty to the responsibility of a denial of service attacks which resulted in shutting not only the down websites in the city but also the Police Department. His sentence was scheduled for July 2019. The documentation concerning this case explains that the servers of the websites in Akron city experienced a distributed denial-of-service attack in Aug 2017, with two specific websites being the major targets of the attack. In a DDOS attack, the perpetrator aims to make certain services and network infrastructure unavailable to the users through disrupting the host or provider. A DDoS involve an array of geographically dispersed bots or rather compromised devices under the control of the attacker against a target (Bhatia et al., 2018).
In this case, the attacker aimed at computing resources such as the memory, CPU, or even the network bandwidth leading to delay in response or total unavailability of essential services to users. The attacker sent superfluous traffic to the target servers causing it to flood, hence failing to respond to requests like expected. According to Heisig (2019), the perpetrator is also linked with the Anonymous hacking group. Robertson is known to have launched a denial of service attack in a period ranging from 2017 to 2018, overwhelming websites in the US as well as other targets all over the world. However, the attack in 2018 focused on the two cases under discussion, which took place in Akron.
According to the United States Department of Justice, the perpetrator took credit for what he had done using a tweet from @AkronPhoenix420. Furthermore, the tweet included a link to a YouTube video as well as other substantial evidence such as images from screenshots proving that the target website (akronohio.gov) was inaccessible or unreachable. The tweet included content claiming the Akron Police Department abuses the law, and thus, it was time to teach them a lesson (Bhatia, 2018). The video had a person wearing a Guy Fawkes mask. Furthermore, the twitter account had information depicting the owner to be responsible for other similar attacks against many other targets, including the Department of defense.
Later on, the FBI found a connection between his phone number to the twitter account used for taking credit. Also, in a search at his home, the FBI found the Guy Fawkes mask and a cell phone with a cracked screen, all matching the context in the tweet and photos. In the end, Robertson’s guilty plea landed him to prison with a sentence of six years. According to the official documents, Robertson claimed responsibility for the Akron attack, in addition to other attacks that were as explained in the tweet. Also, he was ordered to pay restitution to Akron officials worth $668,684. While there are six years imprisonment is excessive for a DDoS attack which caused only mere downtime in the services, the authorities have however never been easier on these kinds of criminals.
Argumentation
- Pros (Defendant)
In this case, the defendant is neither apologetic nor is he pleading not guilty. The defendant, Robertson seems to be contented with his actions. He claims in his tweets that he launched the distributed denial of service attack only to teach the Akron Police Department a lesson for misusing the law and the power. Nevertheless, this is not the right way to seeking justice for such unlawful authorities. For instance, the Department of Justice provides the right channels of reporting or filing complaints if any United States citizen has experienced police misconduct, or having their rights violated (United States Department of Justice, 2019).
Judging from observation, the perpetrator was neither ready to apologize, nor was he having any sense of regret. Therefore, we can presume that he had attained his objective, which was to merely bring down the sites. Moreover, he also got the chance of making the unethical use of power by the police department in Akron. Therefore, this leads to the topic of ethics.
- Cons (Prosecution)
In the US and other jurisdictions, denial of service attacks is against the law. Individuals or perpetrators are handled and charged ruthlessly based on the intensity of damage, motive as well as other factors determined by the jury. Therefore, it is a federal crime, regarding the Computer Fraud and Abuse Act. Furthermore, the Computer Crime and Intellectual Property Section of the US Department of Justice is responsible for handling cases of Denial of service attacks and Distributed Denial of service attacks as well. Any legal case involving such activities as hacking, DoS attacks, phishing, among others are against the law and punishable depending on the ruling and verdict as per the jury.
For instance, in this legal case, Robertson is the perpetrator while the US government law enforcement team, including the FBI, local police department, prosecutors, and other members of the legal body (Department of Justice), are responsible for proving him guilty and rendering a decision. Despite the plea agreement with the prosecutors, the judge exposed his disgust with the actions of the defendant and imposed a slightly higher sentence. Nevertheless, the prosecutors and the judicial team were able to prove him guilty, in addition to his plea.
While the Federal Bureau of Investigation was responsible for investigating the link between this online attention seeker and the real criminal, enough evidence was gathered to prove him guilty. More specifically, he was found in possession of the mask used by the individual in the YouTube video, as well as other possessions such as the cracked phone, which appeared in the tweets. The other incriminating evidence includes being in possession of the phone used for the tweets which bragged about being responsible for the Akron attack as well as other related cyber-related crimes such as hacking and unauthorized access. As a result, the jury could easily use the evidence, his guilty plea and some prove to rely on the investigation by the Federal Bureau of Investigation to render a decision.
Unethical Issues in the case
Firstly, the perpetrator brings to the attention of authorities the issue of misuse of power by the local police department. The fact that police are misusing power given by the authoritative agencies is so unethical that further investigation has to be undertaken by the superior and the legal agencies. Regardless of publicly airing the misuse of power among the Akron Police officers, his means were illegal and totally unethical. He used measures that implicated him as a loyal citizen, who however fails to honor and believe in the stipulated procedures for handling public and authorized individuals who misuse the power given to them by the authorities or agencies.
Furthermore, Robertson acts in an unethical manner by deciding to undertake all the actions, including the launching of the denial of service attacks to various agencies and companies to even humiliating the superiority of the agencies that allocate and appoint the local police officers. In the end, he never hides from the authorities. He even leaves clues to his own identity, making it easier to trace and locate his whereabouts. Its therefore evident that he considered it a win for himself, which means he had nothing to lose, seven if he pleads guilty.
Conclusion
According to how events are unfolding in the case, the incriminating evidence leaves no option other than sentencing the perpetrator in accordance with the law. Therefore, I agree with, or rather, in support of the verdict issued by the jury. The major reason is due to the arrogance and the need for publicity by the criminal. Despite the claims that he was trying to right the wrong based on his claims on the tweet, there would be other ways of legally handling the situation. According to my judgment, his approach was not the right way to seeking justice for such individuals. The attacker, in this case, Robertson should have found a better way of handling the situation.
On the other hand, there is no further documentation of the research and investigation majoring specifically on police misconduct in Akron. The documentation provides detail regarding the criminal, but not handling the other issues which he claims that the police are misusing power. Since the authorities are against any kind of misconduct using power given by the governmental agency, “under color of law” to deprive any individual the rights protected by the law of the United States (18 U.S.C. §§ 241, 242). Hence, despite the unlawful means used by the convicted, the authorities should take the initiative for further investigations about his allegations.
Nevertheless, the case ends with a very tough and intense ruling by the jury, who must have been irritated by the actions and Robertson’s lack of ethics. With his guilty plea, he was sentenced to six years imprisonment with restitution. However, the jury was not even interested much in the plea to reduce the sentence or consider a different approach to handle the case, such as indictment. The six years imprisonment is ruthless for DDoS attacks that never rendered any infrastructure is a state that could be termed as compromised.
References
Bhatia, S., Behal, S., & Ahmed, I. (2018). Distributed Denial of Service Attacks and Defense Mechanisms: Current Landscape and Future Directions. 10.1007/978-3-319-97643-3_3. https://www.justice.gov/usao-ndoh/pr/akron-man-pleaded-guilty-launching-denial-service-attacks-shut-down-web-sites-city.
https://www.cleveland.com/court-justice/2019/10/man-linked-to-anonymous-gets-six-years-for-cyberattacks-against-akron-us-defense-department-websites.html7
Heisig, E. (2019). Man linked to ‘Anonymous’ gets six years for cyber-attacks against Akron, U.S. Defense Department websites. Cleveland. https://www.cleveland.com/court-justice/2019/10/man-linked-to-anonymous-gets-six-years-for-cyberattacks-against-akron-us-defense-department-websites.html.
Bhatia, K. (2018). Akron Man Arrested for 2017 Cyber-attack On City, Police Websites. https://radio.wosu.org/post/akron-man-arrested-2017-cyberattack-city-police-websites.
Department of Justice (2019). Akron man pleaded guilty to launching denial of service attacks that shut down web sites for the city of Akron and the Akron Police Department. The United States Department of Justice. https://www.justice.gov/usao-ndoh/pr/akron-man-pleaded-guilty-launching-denial-service-attacks-shut-down-web-sites-city.
United States Department of Justice (2019). Addressing police misconduct laws enforced by the department of justice. https://www.justice.gov/crt/addressing-police-misconduct-laws-enforced-department-justice
“United States Code: Title 18,1030. Fraud and related activity in connection with computers | Government Printing Office”. gpo.gov. 2002-10-25. Retrieved 2014-01-15.