In December 2016 Kurt Eichenwald was the target of an online cyber attack implemented through the use of Twitter. Eichenwald is an American journalist and author who covered much of the presidential election in 2016. On December 11, 2016, Eichenwald was sent a Graphics Interchange Format (GIF) displaying strobes with a bright flashing light, intentionally designed to induce an epileptic seizure. Embedded in the GIF was the sentence, “You deserve a seizure for your posts”. The Eichenwald posts that John Rayne Rivello, a former Marine veteran who had previously served in both Iraq and Afghanistan, was referring to were a critique of President Trump.
Rivello’s tweet was subsequently followed by additional tweets from other accounts. Rivello’s attack is also being considered a hate crime due to the anti-Semitic undertones. His twitter account, which was used to send the GIF to Eichenwald, was formally named. Eichenwald, who is Jewish on his father’s side, also received numerous tweets following the Rivello attack. Many of these tweets displayed Pepe the Frog, a hate symbol commonly used on social media to promote racist or anti-Semitic behavior.
This kind of attack could be considered an interpersonal cybercrime due to the relationship between the offender and victim. When Rivello began to victimize Eichenwald by harming him through the use of a computer/computer resource or computer network the crime became a cybercrime . Rivello was initially charged by the FBI with ‘aggravated assault with a deadly weapon’ and ‘cyberstalking with intent to commit bodily harm’, however, in November 2017 U.
S. Attorneys dropped the latter charge. The first count of aggravated assault with a deadly weapon carries a maximum sentence of 10 years and could have additional implications for Rivello if found guilty of hate speech. Further investigation revealed direct messages on Twitter by Rivello, confirming his intention to induce an epileptic attack on Eichenwald, hopefully leading to Eichenwald’s death. Police also found a screenshot from Eichenwald’s Wikipedia page on Rivello’s phone. The screenshot displayed an edited date for Eichenwald’s death to be December 16, 2016.
Text messages between Rivello and his friends also support the claim that Rivello sent the GIF intentionally in order to inflict an epileptic seizure. Rivello wrote to friends, “I hope this sends him into a seizure” and “Spammed this at Eichenwald lets see if he dies”. While U.S. attorneys dropped the initial charge of cyberstalking, I believe the mode by which the attack was delivered should be considered a form of cybercrime. The intention of the crime could have led to a form of traditional crime such as bodily harm through an epileptic seizure. And yet, it is important to identify and send a message to the public that although the intended outcome may be similar, differentiation between cybercrimes and traditional crimes will be noted and may result in differing forms of punishment. Furthermore, the charge of aggravated assault with a deadly weapon, which Texas prosecutors are seeking, carries a hate crime enhancement. The hate crime component, as previously mentioned, is a result of the clear anti-Semitic nature of the attack.
The additional tweets aimed at Eichenwald after the attack, which contained images of Pepe the Frog, could also be considered symbolic pictorial attacks. According to Navarro, symbolic pictorial attacks are caused when a posting with an image contains a threatening message aimed at the victim. In this case the image of Pepe the Frog sends a clear message of anti-Semitism from far right movements. Given the ease of access to the Internet in recent years, as well as the assumption of anonymity, it is expected more attacks will be delivered through the use of cyber technology. Equally problematic for law enforcement is the rapid acceleration of technology to continually evolve, and the accessibility the Internet provides as a platform. By utilizing these features inherent to technology, cybercrime will most likely continue to see more sophisticated attacks. Compounding the issue for law enforcement is the fact that laws are often slow to catch up with the crime. Granted Eichenwald’s medical condition of epilepsy did make him a soft target to those willing to try and trigger a seizure. Additionally, Eichenwald compounded his likelihood of being a target.
Previously, he had written that he suffers from epilepsy and had formerly been attacked on other occasions using Twitter. This public release of information not only gave his attackers access to a part of his medical data but also gave them specific a way to continue to target him in the future. Eichenwald is a special case because most people would not have the same public platform to divulge such sensitive medical information. However, with growing concerns of cybercrime, it is plausible that some attackers could target medical information about the public in order to coordinate further attacks based on medical illnesses. In order to prevent cyber-attacks fueled by medical information specific to epilepsy either posted on line knowingly or retrieved illegally, any social media platform should design settings automatically warning a user before viewing potentially harmful content. The message could read, ‘viewing this content may trigger an epileptic attack’. This idea would be similar to how content on Twitter is already screened. A notice appears stating similar to, ‘The following image or video may show explicit or adult content.
Viewer discretion is advised’. Implementing an additional medical message could remind someone with epilepsy or a similar medical condition to be cautious of unknown accounts containing potentially medically dangerous features. Given the ease of such an attack, like the one on Eichenwald, solutions to these types of cybercrimes will need to be the responsibility of a multi-pronged approach. Consumers need to be educated and aware of all the possible potentials of cyber-attacks, especially consumers with medical conditions. Tech companies need to keep their consumers informed by alerting them to potential dangers but also continuing to invest and explore protecting potentially sensitive information. Law enforcement has a challenging task before them due to the evolving nature of technology, and will need to work with all the above stakeholders. Others will surely attempt to commit similar crimes. I think what makes this type of cybercrime so unique and potentially problematic is in the future, prosecutors may have difficulty in determining intent by the offender.
In the Eichenwald case, there was clear communication by Rivello signifying intent. However, if no intent or prior knowledge of the victim’s medical condition by the accused could be proven, I am unsure of how judges would rule in cases such as these. That the majority of people do not have epilepsy, it is reasonable to assume a plausible defense could stand on the fact that the offender simply did not know of the victim’s medical condition. Determining culpability in cases such as these could be tricky. Given all these potential prosecutorial concerns, it seems prevention of these types of attacks would be a more effective management plan as opposed to trying to determine intent or culpability. Finally, given how recently cybercrimes how evolved it can be difficult for people to know who to contact. However, as Navarro mentions, the US Department of Justice has a web page designed to direct victims of cyber crimes to whom they should contact for guidance and action. Greater public knowledge to sites such as these may give people more confidence in reporting cybercrimes and help reduce future reoccurrences.