The Computer Fraud and Abuse Act (CFAA) is a federal law in the United States that criminalizes computer-related fraud and abuse. It was enacted in 1986 and has been amended several times since then. The CFAA makes it illegal to intentionally access a computer or computer network without authorization or exceed authorized access, and to use a computer or computer network to commit fraud or other crimes. It also criminalizes the distribution of malicious software, such as viruses and malware, and the possession or trafficking of stolen computer-related materials.
The CFAA applies to computers and computer networks that are used in or affecting interstate or foreign commerce or communication, including computers and networks owned by the federal government, financial institutions, and critical infrastructure. The CFAA provides both criminal and civil penalties for violations, including fines and imprisonment. It is enforced by federal law enforcement agencies, such as the FBI and Secret Service, and is often used in conjunction with other federal and state laws to prosecute cybercrimes.