the Justice Department in a blog post this week argued that the current law doesn't go far enough in effort to prevent botnets, which can hijack hundreds if not thousands of machines to launch distributed denial-of-service (DDoS) attacks against networks, and steal sensitive corporate data or launch.
Leslie Caldwell, Assistant Attorney General for the Criminal Division at the Justice Department, "Individual hackers and organized criminal groups are using state-of-the-art techniques to infect hundreds of thousands -- sometimes millions -- of computers and cause massive financial losses, all while becoming increasingly difficult to detect."
One powerful tool that the department has used to disrupt botnets and free victim computers from criminal malware is the civil injunction process.
Botnets have been of particular concern to the US government in recent months, following major networks like GameOver Zeus, which is said to have stolen more than $100 million.
This authority played a crucial role in the department’s successful disruption of the Coreflood botnet in 2011 and the Gameover Zeus botnet in 2014. These botnets used keystroke logging or “man-in-the-middle” attacks to collect online financial account information, and they transferred stolen funds to accounts controlled by the criminals.
The Gameover Zeus botnet, which infected computers worldwide, was estimated to have inflicted over $100 million in losses on American victims alone, often on small and mid-sized businesses.
Because the criminals behind these particular botnets used them to commit fraud against banks and bank customers, existing law allowed the department to obtain court authority to disrupt the botnets by taking actions such as disabling communication between infected computers and the command and control servers. Taking action to shut down botnets has been praised in the press [external link] and in Congress.
The Administration’s proposed amendment would add activities like the operation of a botnet to the list of offenses eligible for injunctive relief. Specifically, the amendment would permit the department to seek an injunction to prevent ongoing hacking violations in cases where 100 or more victim computers have been hacked.
This numerical threshold focuses the injunctive authority on enjoining the creation, maintenance, operation, or use of a botnet, as well as other widespread attacks on computers using malicious software
This proposal would provide the government with an effective tool to shut down illegal botnets or certain widespread malicious software to better match the ways that criminals are using these technologies. It assures that the legal mechanism that has proven effective to date will be available.
