Significant legal hurdles make international cybercrime investigations and prosecutions extremely difficult.
To help shut down the Mariposa Botnet, which by some estimates had infected 13 million machines with malware, Panda Security of Spain worked closely with Spanish law enforcement officials on the investigation that resulted in this cybercrime success story.
It was critical to work closely with the Spanish Civil Guard in order to arrest the suspects, who were also located in Spain, said threat researcher Sean-Paul Correll when discussing the incident at a conference in Washington, D.C.
A botnet is a network of computers that have been surreptitiously taken over by malware and are run from a command-and-control server. The significant thing about botnets is that they put a lot of computing power into anyone’s hands. In this case, the small group of suspects could run the application even though they “almost completely” lacked technical expertise, Correll says. Others could likely do the same.
Overall, arrests of cyber criminals are on the rise, according to officials and published reports. The United States, the United Kingdom, Ukraine, and other countries recently announced an unusually large round of about 100 arrests, with many of those arrested said to be “money mules” sending cash to cyber thieves overseas.
But these types of arrests probably have “virtually no impact at all on global cybercrime,” Correll grimly noted.
Others agree, pointing to the many challenges to cross-border investigations and prosecutions. Challenges range from varying extradition and evidentiary laws to the high cost of investigations and the low cost of malware products.
Prosecutions are difficult, and significant prison sentences are rare in these cases, experts say. One of the biggest challenges is gathering evidence that can be used in courts in the countries with jurisdiction, says Barrett Lyon, a technology entrepreneur who spent years helping law enforcement track Russian denial-of-service extortionists, work that led to three arrests. The problem is that evidentiary laws vary considerably from country to country. Law enforcement has made progress in easing differences, he says, but many challenges remain.
(The full article, "Battling Cybercrime Across Borders," appears in the January issue of Security Management.)