How Federal Prosecutors Use The CFAA
Offered By: Black Hat via YouTube
Course Description
Overview
Explore the intricacies of the Computer Fraud and Abuse Act (CFAA) and its application in federal hacking cases through this illuminating Black Hat conference talk. Gain valuable insights from a Department of Justice's Computer Crime & Intellectual Property Section Prosecutor as they break down the CFAA in plain English and explain the decision-making process for bringing charges. Discover key statistics on CFAA usage, learn how to navigate potential legal pitfalls as a practitioner or researcher, and understand the delicate balance between protecting computer networks and fostering critical vulnerability research. Delve into topics such as state vs. federal jurisdictions, charging decisions, sentencing factors, and the investigatory phase. Examine real-world examples, average sentences, and concerns about chilling effects on security research. Gain knowledge about foreign nation-state attacks, vulnerability scanning, and the DOJ's approach to monetary thresholds, authorization, and loss calculation. Leave with a comprehensive understanding of how federal prosecutors utilize the CFAA and how to conduct security research responsibly while enabling law enforcement to pursue genuine criminal behavior.
Syllabus
Intro
Welcome
Preface
State vs Federal Governments
The CFAA
Three Components
How Often Do We Use The CFAA
Factors That Must Be Considered
Charging Decisions
Sentencing
Factors
Example
Average Sentence
Concession
Concerns about chilling
The investigatory phase
Vulnerability scanning
Summary
Foreign Nation State Attacks
Where To Find Information
Education
DOJs Approach
Monetary Thresholds
Authorization
Loss Calculation
Preventing Legal Recourse
Taught by
Black Hat
Related Courses
Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security ChipBlack Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube