Call Today! Free Immediate Response (818) 781-1570

CRIMINAL LAW BLOG

18 U.S.C. § 1030 - Computer Fraud Abuse Act (CFAA)

Posted by Dmitry Gorin | Aug 05, 2025

The Computer Fraud and Abuse Act (CFAA), 18 U.S.C. 1030, is a pivotal cybersecurity law that serves as a protective barrier, thwarting activities that harm computer systems. It offers robust defense for federal, bank, and Internet-connected computers, thereby fostering a profound sense of security in the digital domain.

18 U.S.C. § 1030 - Computer Fraud Abuse Act (CFAA)
Federal law prohibits the access of a protected computer to cause harm or to commit a federal fraud-related crime.

It's designed to protect computers from trespassing, threats, damage, espionage, and fraud. Other related federal statutes also provide protections related to computer systems, such as the Identity Theft Enforcement and Restitution Act.

Typically, "computer hacking" refers to the act of obtaining unauthorized access to a computer system with the intention of stealing or altering data. Internet crimes, such as theft-related offenses, often involve hacking a computer to access a business or organization's private network.

Computer hacking frequently crosses state lines because the computers are in different states, which means these types of crimes can be prosecuted as federal crimes. Still, most computer hacking cases are prosecuted in a state criminal court.

Computer hacking, in simple terms, refers to the unauthorized use of a computer to gain access to another computer with the intention of committing fraud or causing harm. Such actions can lead to prosecution under the Computer Fraud and Abuse Act.

Computer Crimes

18 U.S.C. 1030, the cornerstone of the CFAA, encompasses a wide spectrum of computer crimes, making it a comprehensive and frequently used statute by federal prosecutors. These crimes include unauthorized access to computer systems, theft of information, and other forms of cyber fraud, providing a comprehensive understanding of the law's reach.

Federal computer hacking cases often involve unlawful access to a U.S. government, business, or personal computer with the intent to cause harm, commit fraud, or obtain something of value.

"Cybercrime" is a closely related term to computer hacking that can also be applied to a broad range of computer-related crimes.

What is "Computer Hacking?"

Computer hacking is described as the act of unlawfully using a computer to gain access to or attempt to access another computer with the intention of obtaining information or committing a fraud-related offense. This includes a situation where someone hacks a computer to access someone's personal information, financial accounts, or credit card information.

Violating a federal law on computer hacking can occur in various ways, such as sending an email with a malicious virus to gain unauthorized access to a computer.

Notably, you do not have to actually complete the process of illegally hacking a computer to face charges of federal computer hacking. Rather, just the attempt is sufficient to be charged under the 18 U.S.C. 1030 statute. In most federal computer hacking cases, it includes a situation where somebody was accused of:

  • Hacking into a government computer, or
  • Hacking into a computer to steal something of value,
  • Hacking into someone's personal or business computer to commit identity theft or get their financial information,
  • Hacking to destroy files or to cause damage to the computer system.

What is the Computer Fraud and Abuse Act (CFAA)?

The Computer Fraud and Abuse Act (CFAA), enacted in 1986, was initially designed to protect government computers and information systems. However, this statute was expanded to prosecute anyone who was accused of illegally accessing business, protected, or personal computers.

In most 18 U.S.C. 1030 criminal prosecutions defined under the CFAA, the illegal conduct will involve a specific type of behavior, such as the following:

  • Unauthorized access to a protected computer.
  • Unlawful access to stored communications.
  • Obtaining information without authorization.
  • Obtaining something of value without authorization
  • Unlawful computer access intending to commit fraud.
  • Access to a protected computer with authorization.
  • Trafficking of computer passwords with the intent to defraud
  • Access a computer intending to damage or destroy files.
  • Damaging computer systems.
  • Conspiring or attempting to commit hacking.
  • Distributing confidential computer material.
  • Sending spam emails

Federal prosecutors will pursue criminal charges against anyone who attempts to violate computer hacking laws or is involved in a conspiracy to do so. The law applies to both individuals and organizations.

What is a "Protected Computer?"

A protected computer is any computer that is connected to the Internet and is used in or affecting interstate or foreign commerce or communication, including those of a government agency, provided to an employee, or in a public library.

This term is crucial for understanding the scope of the law, as it helps identify the types of computers protected under the CFAA, thereby empowering the audience with essential knowledge.

Protected Computer

To be charged criminally under 18 U.S.C. 1030, you must access a protected computer without authorization or exceed your authorization by improperly using the computer.

For instance, accessing a company's computer network without permission or using a colleague's login credentials to access sensitive information would be considered unauthorized access or exceeding authorization. 

Other examples include using a former employee's login credentials to access the company's system or using a shared computer for personal use without permission.

The closely related crimes to 18 U.S.C. § 1030, which involve federal computer hacking, include conspiracy to commit computer hacking. This means that even if you did not directly hack a computer, but you were part of a plan or agreement to do so, you could still be charged under the CFAA.

Other related crimes include the distribution of confidential computer material, sending a large amount of spam emails, and unlawful access to stored communications.

What Are Related Federal Statutes?

18 U.S. Code Chapter 47, Fraud and False Statements, has numerous related federal statutes, such as the following:

  • 18 U.S.C. 1001 - Statements or entries generally
  • 18 U.S.C. 1002 - Possession of false papers to defraud the United States
  • 18 U.S.C. 1003 - Demands against the United States
  • 18 U.S.C. 1004 - Certification of checks
  • 18 U.S.C. 1005 - Bank entries, reports, and transactions
  • 18 U.S.C. 1006 - Federal credit institution entries, reports, and transactions
  • 18 U.S.C. 1007 - Federal Deposit Insurance Corporation transactions
  • 18 U.S.C. 1010 - Department of Housing and Urban Development and Federal Housing Administration transactions.
  • 18 U.S.C. 1011 - Federal land bank mortgage transactions.
  • 18 U.S.C. 1012 - Department of Housing and Urban Development transactions.
  • 18 U.S.C. 1013 - Farm loan bonds and credit bank debentures.
  • 18 U.S.C. 1014 - Loan and credit applications generally; renewals and discounts; crop insurance.
  • 18 U.S.C. 1015 - Naturalization, citizenship, or alien registry.
  • 18 U.S.C. 1016 - Acknowledgment of appearance or oath.
  • 18 U.S.C. 1017 - Government seals are wrongfully used, and instruments are wrongfully sealed.
  • 18 U.S.C. 1018 - Official certificates or writings.
  • 18 U.S.C. 1019 - Certificates by consular officers.
  • 18 U.S.C. 1020 - Highway projects.
  • 18 U.S.C. 1021 - Title records.
  • 18 U.S.C. 1022 - Delivery of certificate, voucher, receipt for military or naval property.
  • 18 U.S.C. 1023 - Insufficient delivery of money or property for military or naval service.
  • 18 U.S.C. 1024 - Purchase or receipt of military, naval, or veteran's facilities property.
  • 18 U.S.C. 1025 - Pretenses on high seas and other waters.
  • 18 U.S.C. 1026 - Compromise, adjustment, or cancellation of farm indebtedness.
  • 18 U.S.C. 1027 - False statements and concealment of facts in relation to documents required by the Employee Retirement Income Security Act of 1974.
  • 18 U.S.C. 1028 Fraud and related activity in connection with identification documents, authentication features, and information.
  • 18 U.S.C. 1028A - Aggravated identity theft.
  • 18 U.S.C. 1029 - Fraud and related activity in connection with access devices.
  • 18 U.S.C. 1030 - Fraud and related activity in connection with computers.
  • 18 U.S.C. 1031 - Major fraud against the United States.
  • 18 U.S.C. 1032 - Concealment of assets from the conservator, receiver, or liquidating agent.
  • 18 U.S.C. 1033 - Crimes by or affecting persons engaged in the business of insurance whose activities affect interstate commerce.
  • 18 U.S.C. 1034 - Civil penalties and injunctions for violations of section 1033.
  • 18 U.S.C. 1035 - False statements relating to health care matters.
  • 18 U.S.C. 1036. Entry by false pretenses to any real property, vessel, or aircraft of the United States or secure area of any airport or seaport.
  • 18 U.S.C. 1037 - Fraud and related activity in connection with electronic mail
  • 18 U.S.C. 1038. False information and hoaxes.
  • 18 U.S.C. 1039 - Fraud and related activity in connection with obtaining confidential phone records information of a covered entity.
  • 18 U.S.C. 1040 - Fraud in connection with major disaster or emergency benefits.

What are the Section 1030 Penalties?

Federal computer hacking charges under 18 U.S.C. 1030 can be filed as either a misdemeanor or a felony. The federal prosecutor makes their decision based on the specific circumstances, motivation for the illegal conduct, and the severity of the harm caused.

Suppose you only attempted to access a protected computer. In that case, it will typically be classified as a misdemeanor offense.

Suppose you actually hacked a computer for financial gain, to commit another crime, or to obtain information with a total value of over $5,000. In that case, it will be filed as a felony. If you are convicted of felony computer hacking, the penalties include the following:

  • Up to 10 years in federal prison and
  • Up to a $10,000 fine.

Notably, certain enhancements increase the penalties, such as when computer hacking was done with the intent to commit another crime, such as identity theft or credit card fraud.

What Are the Computer Hacking Defenses?

Suppose you are under investigation or have already been charged with a federal computer hacking offense. In that case, our experienced federal criminal defense attorneys can employ several effective strategies to achieve the best possible outcome.

The federal prosecutor has the burden of proof. They must prove all the elements of the crime beyond a reasonable doubt.

For example, in an 18 U.S.C. 1030 federal computer hacking case, it must be proven that you knowingly and intentionally hacked a computer. Thus, the common defenses include the following:

  • You didn't intentionally access the computer without authorization.
  • The access to the computer didn't rise to the level of hacking.
  • You didn't unlawfully access the computer.
  • There was a reason to believe you had authorization.
  • You are the victim of a false accusation.

Additionally, we might be able to negotiate a favorable plea deal with the prosecutor or even persuade them to dismiss the charges. Contact our law firm, Eisner Gorin LLP, in Los Angeles, California, for additional information.

Related Content:

About the Author

Dmitry Gorin

Dmitry Gorin is a State-Bar Certified Criminal Law Specialist, who has been involved in criminal trial work and pretrial litigation since 1994. Before becoming partner in Eisner Gorin LLP, Mr. Gorin was a Senior Deputy District Attorney in Los Angeles Courts for more than ten years. As a criminal tri...

We speak English, Russian, Armenian, and Spanish.

Attorney Dmitry Gorin If you have one phone call from jail, call us! If you are facing criminal charges, DON'T talk to the police first. TALK TO US!

CALL TOLL-FREE
(818) 781-1570
Anytime 24/7

Menu