Hacking, Unauthorized Access, And System Disruption Crimes

05 Oct 2025 --
0 Comments

1. Hacking and Unauthorized Access

Definition: Hacking is the act of gaining unauthorized access to computer systems, networks, or data, often to steal, manipulate, or destroy information. Unauthorized access is a violation of cybersecurity laws such as the Computer Fraud and Abuse Act (CFAA, USA) or the Information Technology Act (2000, India).

Case 1: United States v. Kevin Mitnick (1995, USA)

Facts: Kevin Mitnick, one of the most famous hackers, illegally accessed networks of major corporations like IBM, Nokia, and Motorola. He stole software and sensitive data, exploiting weak security measures.

Legal Issues: Violation of the Computer Fraud and Abuse Act (CFAA), wire fraud, and unauthorized access to protected systems.

Outcome: Mitnick was arrested and served five years in prison, including pre-trial detention. He later became a cybersecurity consultant, showing how the law penalizes unauthorized access severely.

Case 2: TJX Companies Data Breach (2007, USA)

Facts: Hackers penetrated TJX’s network using stolen Wi-Fi credentials, accessing over 45 million credit and debit card numbers. The breach involved bypassing encryption and internal security systems.

Legal Issues: Unauthorized access, theft of sensitive financial data, violations of federal computer crime laws.

Outcome: Several hackers were arrested and sentenced to prison. TJX paid over $9 million in fines and compensation. The case highlighted the need for robust encryption and network security.

Case 3: Sony PlayStation Network Hack (2011, USA)

Facts: Hackers infiltrated Sony’s PlayStation Network, compromising 77 million user accounts and exposing personal data. The network was down for 23 days, causing massive disruption.

Legal Issues: Unauthorized access, identity theft, negligence in cybersecurity measures.

Outcome: Sony paid $15 million in settlements to affected users and improved its cybersecurity infrastructure. This case reinforced the accountability of corporations for protecting user data.

2. System Disruption and Denial of Service (DoS) Attacks

Definition: System disruption crimes involve intentionally interrupting computer systems, networks, or services. Common forms include Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks.

Case 4: Anonymous DDoS Attacks (2010–2012, Global)

Facts: The hacker collective Anonymous launched multiple DDoS attacks on government, financial, and corporate websites in protest of policies they opposed. Major targets included PayPal, Mastercard, and the FBI.

Legal Issues: Unauthorized access, intentionally causing damage to computer systems, violations of CFAA and international cybercrime laws.

Outcome: Several participants were arrested globally. Some received fines and prison sentences. The case established that political or protest motives do not exempt hackers from criminal liability.

Case 5: Bangladesh Bank Heist (2016, Bangladesh)

Facts: Hackers gained access to Bangladesh Bank’s SWIFT system and attempted to steal $951 million. They successfully transferred $81 million to accounts in the Philippines before the fraud was discovered.

Legal Issues: Cyber theft, unauthorized access to banking systems, fraudulent wire transfers.

Outcome: Investigations implicated international cybercriminals, including the Lazarus Group (North Korea). Banks worldwide implemented stricter SWIFT security protocols. This case highlighted vulnerabilities in global financial systems to cyberattacks.

Case 6: WannaCry Ransomware Attack (2017, Global)

Facts: The WannaCry ransomware infected over 200,000 computers in 150 countries, encrypting data and demanding ransom in Bitcoin. Hospitals, companies, and governments were affected, causing severe disruption.

Legal Issues: Unauthorized access, system disruption, cyber extortion, violation of multiple international cybercrime laws.

Outcome: Attribution pointed to North Korean hackers. Organizations strengthened cybersecurity policies, patch management, and ransomware defenses. Law enforcement globally coordinated to reduce ransomware threats.

Case 7: Maroochy Shire Sewage Hack (2000, Australia)

Facts: A disgruntled former employee hacked into the Maroochy Shire sewage control system, causing 800,000 liters of raw sewage to spill into rivers and parks.

Legal Issues: Unauthorized access, malicious damage to computer-controlled infrastructure.

Outcome: The hacker was arrested, convicted, and sentenced to prison. The case is a classic example of cyber-physical system disruption, showing that hacking can cause real-world environmental damage.