Hacking for Lulz: Employing Expert Hackers to Combat Cyber Terrorism

Download

Swathi Padmanabhan · 15 Vand. J. Ent. & Tech. L. 191

Abstract

Because hacking collectives Anonymous and LulzSec have routinely breached supposedly secure computer networks—including Visa, MasterCard, and the Central Intelligence Agency—the threat of cyber terrorism has become more prominent. Many US industries and companies depend on online communication and information storage. If terrorists compromise these capabilities, they could cripple the US economy and perhaps even cause widespread fatalities. Members of Anonymous and LulzSec lack the necessary intent to be prosecuted as cyber terrorists because they hack not to cause fear, but rather to create laughter. Their method of posting all necessary instructions and information regarding intended targets on online message boards could, however, serve as a model for terrorists seeking to cause harm. Indeed, the Anonymous and LulzSec model permits an unknown number of hackers to anonymously participate in attacks. Without the ability to trace these individuals, the Computer Fraud and Abuse Act and all subsequent legislative attempts to improve cyber security and combat cyber terrorism, which require that the identity of perpetrators be known, are ineffective.


This Note therefore proposes a new bill that seeks to preempt attacks before they occur. It suggests more extensive public- and private-sector collaboration to anticipate novel hacking techniques and to uncover weaknesses in network security. Most importantly, it concludes that hiring Anonymous and LulzSec members, rather than prosecuting them, will more effectively aid the United States in protecting itself against cyber terrorism.