By Kevin Poulsen
May 08, 2008
The AP follows up today on my March story about an assault on a popular epilepsy support forum, in which internet griefers used JavaScript code and flashing computer animation to trigger migraine headaches and seizures in some users.
RyAnne Fultz, 33, says she suffered her worst epileptic attack in a year after she clicked on the wrong post at a forum run by the nonprofit Epilepsy
There's really only one bit of new information in the report. Apparently the FBI is now investigating the attack.
That's interesting because, assuming the Bureau is able to find some of the culprits, it could lead to the first federal prosecution under an anti-cyber terrorism provision passed in 1996 as part of the National Information Infrastructure Protection Act.
The law created a new crime of attacking a computer to cause "physical injury to any person." Some of us laughed at that provision at the time, and as far as I know it's never been used. But in this case it just might fit.
To get there, prosecutors would have to show that the attackers intentionally damaged the Epilepsy Foundation's forum. Since the attack flooded the forums with hundreds of embedded pictures, links to pictures, and browser-hijacking redirect code, that might not be too high a hurdle.
The attackers also would have to be guilty of gaining unauthorized access to the computer, or, perhaps more apt in this case, caused the "transmission of a program, information, code, or command" that damaged the forum and injured the victims.
http://blog.wired.com/27bstroke6/2008/05/report-fbi-inve.html
No comments:
Post a Comment