If you are a hacker, you better stick with mischief, rather than causing money losses. U.S. authorities often prosecute computer hacks that cause more mischief than money losses, but long prison sentences are very rare in such cases.
The most recent example of a mischievous kind of hack was the attack on the U.S. Central Intelligence Agency's website. There was no immediate evidence of losing any sensitive data when the agency's website was attacked on Wednesday, a Reuters report said.
According to U.S. cybercrime laws, it hardly matters whether there have been data breaches in any hacking activity. A hacker may not steal information, but he or she will have to face prosecution under the Computer Fraud and Abuse Act, if the victim shows that he or she has suffered a considerable amount of financial damage in a certain period of time, said Ross Nadel, a former federal prosecutor who specialized in investigating computer crimes.
Nadel said prosecutors always find it difficult to investgate cyber attacks, because hackers often use intermediary computers that have been previously compromised, rather than directly attack a website.
However, according to Nadel, the Wednesday's attack on the CIA website is likely to get serious treatment as the government usually prioritizes high dollar crimes, or those that target government institutions.
Over the recent weeks, a number of multinational companies and institutions have been targeted by hackers. One of the high profile victims of the hacker group called Lulz Security, Sony Corp, faced dozens of lawsuits related to the theft of consumer data from its Playstation network.
Although the government does go after hackers who do not cost a high financial loss, they are more likely to end up with probation, said Nolan.
According to a Justice Department manual on cybercrime prosecutions, even if there is not much of financial loss caused by a hacker, as in the case of CIA hacking, the government can still try to enhance a sentence by arguing that sophisticated means were used to carry out the crime. The number of victims can also be a key player.
Last year, an American named Albert Gonzalez was accused of being connected with the computer hacking of several major U.S. retailers, in which over 40 million credit and debit card numbers were said to have been stolen. He was sentenced to 20 years in prison.
A former contractor for the animal rights group PETA Foundation was sentenced to a year of probation with $1,400 in compensation last month, although there wasn't any financial loss being reported. He logged into the organization's server from his Los Angeles apartment and deleted about 575 video and HTML files.