Protecting Critical Infrastructure Through Prosecution

This report explores how criminal prosecution can be a powerful tool for protecting U.S. critical infrastructure against cyber and physical threats. Using the example of the Flax Typhoon botnet takedown, the authors highlight gaps in current federal law that limit deterrence, particularly when dealing with nation-state actors and sophisticated cyber campaigns. They propose strengthening statutes, sentencing guidelines, and interagency collaboration—along with judicial education—to better reflect the national security stakes involved. The paper offers a rare practitioner’s perspective from within CISA on modernizing legal frameworks to meet the evolving threat landscape.