The US Government has proposed an amendment that would enable the Department of Justice to seek an injunction to prevent the diffusion of botnets.
The Obama’s Administration would add activities like the operation of a botnet to the list of offenses eligible for injunctive relief.
“The Administration’s proposed amendment would add activities like the operation of a botnet to the list of offenses eligible for injunctive relief. Specifically, the amendment would permit the department to seek an injunction to prevent ongoing hacking violations in cases where 100 or more victim computers have been hacked.” Leslie R. Caldwell, assistant attorney general in the criminal division at the Department of Justice, wrote in a blog post.
The amendment would give Obama Administrator a more power to take over the dangerous botnets. In the recent years, law enforcement have conducted several operation against operators of principal botnets, including the GameOver Zeus and Ramnit.
In some cases, the law enforcement dismantled the entire control infrastructure, in other cases they hit only a part of the overall infrastructure, seizing its servers or arrested a number of its operators.
“One powerful tool that the department has used to disrupt botnets and free victim computers from criminal malware is the civil injunction process. Current law gives federal courts the authority to issue injunctions to stop the ongoing commission of specified fraud crimes or illegal wiretapping, by authorizing actions that prevent a continuing and substantial injury. This authority played a crucial role in the department’s successful disruption of the Coreflood botnet in 2011 and the Gameover Zeus botnet in 2014,” continues Leslie R. Caldwell.
According to Cladwell, the principal problem is represented by the limits imposed by current law that allows authorities to issue injunctions to contrast only specific crimes.
“Current law gives federal courts the authority to issue injunctions to stop the ongoing commission of specified fraud crimes or illegal wiretapping, by authorizing actions that prevent a continuing and substantial injury,” she wrote.
“The problem is that current law only permits courts to consider injunctions for limited crimes, including certain frauds and illegal wiretapping,” she added. “Botnets, however, can be used for many different types of illegal activity. They can be used to steal sensitive corporate information, to harvest email account addresses, to hack other computers, or to execute DDoS attacks against web sites or other computers. Yet — depending on the facts of any given case — these crimes may not constitute fraud or illegal wiretapping. In those cases, courts may lack the statutory authority to consider an application by prosecutors for an injunction to disrupt the botnets in the same way that injunctions were successfully used to incapacitate the Coreflood and Gameover Zeus botnets.”
Resuming the federal authorities request more in granting injunctions to fight botnets and take down malicious infrastructures.
“In sum, this proposal would provide the government with an effective tool to shut down illegal botnets or certain widespread malicious software to better match the ways that criminals are using these technologies,” she wrote.
(Security Affairs – botnets, US Government)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.