U.S. flag

An official website of the United States government, Department of Justice.

NCJRS Virtual Library

The Virtual Library houses over 235,000 criminal justice resources, including all known OJP works.
Click here to search the NCJRS Virtual Library

Increased Penalties for Cyber Security Offenses

NCJ Number
Diana E. Murphy; Ruben Castillo; William K. Sessions III; John R. Steer; Michael E. O'Neill; Eric H. Jaso; Edward F. Reilly Jr.
Date Published
May 2003
16 pages
This report to Congress reviews the guidelines applicable to computer crime and explains actions taken in response to the Cyber Security Enhancement Act of 2002.
The Cyber Security Enhancement Act of 2002 directs the United States Sentencing Commission to review and amend guidelines and policy statements applicable to individuals convicted of offenses related to computer security. The Commission analyzed data on 116 cases of individuals convicted and sentenced during fiscal years 2001 and 2002. Data revealed that most violators were well educated, and had minimal criminal histories. Forty-eight percent of the crimes were committed for financial reasons. Based on this analysis, the report outlines modifications to the amendment that are designed to ensure that the guidelines and policy statements applicable to persons convicted of computer-related crimes reflect the seriousness and growing incidence of computer offenses and the need to provide for an effective deterrent. Modifications include the enhancement of targeting offenses involving malicious intent and modifications for offenses involving computer systems used in critical infrastructure and national defense and security. Implementation of the directive is also reviewed in the report as it applies to loss, sophistication and planning, commercial advantage and private financial benefit, malicious intent, privacy, computers used for national security issues, critical infrastructure, and threat to public health and safety. Finally, the report provides recommendations for increased statutory penalties for computer-related offenses.