Man Gets 3 Years for Botnet Attack

← Back to Stories (view on slashdot.org)

Man Gets 3 Years for Botnet Attack

Posted by ryuzaki0 on Saturday August 26, 2006 @10:27PM from the nice-job-macgruff dept.

Vobbo writes "Weeks after NANOG subscribers argued whether or not mitigating botnet command and control systems was a worthwhile endeavor, the LA Times reports that the old fashioned method of arresting and prosecuting criminals still works. Prosecutors successfully prosecuted a 21 year old who had conspired to create botnets that attacked the Department of Defense, a California school district, and a Seattle hospital before being arrested. He plead guilty and was sentenced to 3 years of 'supervised release.'"

13 of 89 comments (clear)

Min score:

Reason:

Sort:

Remind me again, why do we need all these new laws by the_leander · 2006-08-26 22:40 · Score: 4, Insightful

Because it seems to me, that the new legislation isn't worth spit, what is needed, is more manpower available to track, prosecute and breakup such nets.

--
regards, the_leander
I wonder... by ZeroExistenZ · 2006-08-26 22:51 · Score: 3, Insightful

... how this new type (spammers, mailflooders, scriptkiddies, 'hackers', scammers, ...) of jail-citizen are welcomed and threated.

I often read these kindof things and wonder wherever punishment isn't tooo hard on cybercrime, if you compare the crimes committed to equal the sentence time. It appears out of proportion to me.

In this case one can argue it's a "conspiracy against the government" or a plot to "attack the US infrastructure". However, I doubt the guy ever planned to start some sortof war with the government, other then showing his discontent or something like that.

It doesn't really matter how I think about this specific case, but it makes me wonder to what computer crime (and the definition thereof) compares to other crimes? I can see the scammers being up there with fraud, no argue. But I'm sure about the others.

--
I think we can keep recursing like this until someone returns 1
1. Re:I wonder... by Konster · 2006-08-26 23:26 · Score: 5, Insightful
  
  If anything, punishment for IT related crimes are far behind where they should be. In a lot of ways, the internet is the modern equivalent of the lawless west where there are far too many criminals and far too few deputies and effective laws put into place to deal with criminals.
  
  Same thing in IT right now, lots of easy crimes to commit with few real repurcussions for illegal actions.
2. Re:I wonder... by widget54 · 2006-08-26 23:55 · Score: 2, Insightful
  
  Not harsh enough! He got a slap on the wrist, which in no way is going to deter others from imitating his network antics.
  
  --
  sic transit gloria mundi
3. Re:I wonder... by tomstdenis · 2006-08-27 00:31 · Score: 4, Insightful
  
  That's true in a certain sense, but also keep in mind the govt wants to make examples of these people. They may have only DoS'ed the government, but that's a small step to an extortion ring. Let me know when your company is going bankrupt because you have no net presence and thus no customers. See if you feel so liberal about it then.
  
  That and frankly little script kiddies are not harmless, they're ignorant and there is a difference. The net really depends on the netizens actually playing nice [or at least fair] with one another. When people like this take it upon themselves to affect so many, they deserve an appropriate punishment.
  
  Tom
  
  --
  Someday, I'll have a real sig.
4. Re:I wonder... by PeeAitchPee · 2006-08-27 00:48 · Score: 4, Insightful
  
  I was gonna mod you down, but I'll be constructive and reply instead.
  
  Before anyone screams conspiracy or defends this person, RTFA. This guy and his two buddies made over $100,000 from advertisements displayed by their little botnet. His motivation was simple . . . money, which last time I checked is no different that that of the spammers that almost every single Slashdotter would like to see ruthlessly executed and buried in an unmarked grave somewhere. The fact that he attacked (probably because of the indiscriminate nature of his botnet) public infrastructure is somewhat irrelevant other than it means it's easier for them to nail him to the wall 'cuz he got too lazy to look after all of the domains he was targeting. I think if we started vigorously prosecuting MORE of these people, and punishing them with jail times such as these, (US-based) botnet attacks would dramatically decline (as would spam). GO AFTER THE MONEY.
5. Re:I wonder... by div_2n · 2006-08-27 03:41 · Score: 3, Insightful
  
  the internet is the modern equivalent of the lawless west where there are . . . far too few . . . effective laws put into place to deal with criminals.
  
  This argument is exactly what causes new cyber laws to be needlessly written. It's pure balderdash. Theft is still theft, extortion is still extortion, etc. Just because the behavior is done over the wire doesn't make it any less or more of a crime. The only part of the law that might be lacking is extradition where someone in country A launches an attack of some sort on someone in Country B.
  
  The only thing the internet does is make crime less risky in terms of immediate repercussions. If you rob a bank in person with a gun, all sorts of things can go wrong. If you do it over the wire, you can have your money and be sitting on the beach of a country with no extradition treaties (see above argument) sipping on a cool drink before the authorities even know your name. Even better than that, you can do it from the beach while sipping on a cool drink.
  
  The internet melts international borders. The law hasn't cought up with that yet. Focus on that and getting better trained law enforcement to deal with cyber crime more quickly. If the law needs to be changed, the only thing I suggest is to make cyber crime default to maximum penalties. You don't need to reinvent the wheel to deal with the same crime that has been around since laws began.
Re:Remind me again, why do we need all these new l by MarkByers · 2006-08-26 23:02 · Score: 3, Insightful

what is needed, is more manpower available to track, prosecute and breakup such nets.

Perhaps if the police spent less time investigating fraudulent copyright infringement claims and confiscating a political party's servers they would have more time to chase real criminals. Or was it only in Sweden that the police ignore the criminals and try to hunt down political activists instead?

--
I'll probably be modded down for this...
Re:Remind me again, why do we need all these new l by tomstdenis · 2006-08-27 00:26 · Score: 3, Insightful

Disabling raw sockets and making people more accountable for their machines may help too.

I don't care if you get exploited. You should know enough to figure out when it has happened [e.g. your modem goes crazy] and do something about it [e.g. turn computer off]. And why ISPs still let people transmit IP packets with forged src addresses I'll never know. Sure it's technically valid [as far as IP datagrams goes] but the only legitimate use is to DoS something.

Oh, and a public flogging wouldn't hurt either.

Tom

--
Someday, I'll have a real sig.
He deserved it! by alexhs · 2006-08-27 01:28 · Score: 2, Insightful

I mean, that guy deserved that sentence, if he had been half clever he would have claimed he did that to collect evidence against pedophiles. And he would've gotten money from the FBI instead !

--
I have discovered a truly marvelous proof of killer sig, which this margin is too narrow to contain.
Re:Remind me again, why do we need all these new l by tomstdenis · 2006-08-27 04:40 · Score: 2, Insightful

I violently agree with what essentially we are both saying! hahahaha.

Yeah, admitedly it would be ideal to do the PF matching in hardware to reduce latency. Hell, I'd be for just doing it in the modems themselves. Make the damn thing locked and most zombie'ed machines wouldn't be able to work around it.

But that's costly as millions of people have modems already. There are fewer gateways than there are modems so ...

This is just like the spam problem. A simple solution is hashcash but nobody seems to want to actually implement it. Oh well.

Tom

--
Someday, I'll have a real sig.
Re:Remind me again, why do we need all these new l by kamapuaa · 2006-08-27 04:41 · Score: 2, Insightful

And good for it, too. The "war on drugs" is a sham, possession of crack is a victimless crime that the police should ignore whenever possible. People parking everywhere is a fucking nuisance.

--
Slashdot: providing anti-social weirdos a soapbox, since 1997.
Re:Remind me again, why do we need all these new l by Anonymous Coward · 2006-08-27 10:45 · Score: 1, Insightful

"The "war on drugs" is a sham, possession of crack is a victimless crime that the police should ignore whenever possible."

Tell that to the multitude that is hooked on it. Tell that to the robbery victim whose house was broken into to pay for the addicts next hit. Tell that to the mother whose son was shot in the crossfire of drug dealer's turf wars. And lastly, tell that to the judge as you are in front of him getting your sentence...

Drugs are not a victimless crime by a far shot.