Four Years Jail For Bredolab Botnet Author

angry tapir writes "The creator of the Bredolab malware has received a four-year prison sentence in Armenia for using his botnet to launch DDoS attacks that damaged multiple computer systems owned by private individuals and organizations. G. Avanesov was sentenced by the Court of First Instance of Armenia's Arabkir and Kanaker-Zeytun administrative districts for offenses under Part 3 of the Article 253 of the country's Criminal Code — intentionally causing damage to a computer system with severe consequences."

Re:What were the consequences

[gweihir]

Nothing. After all, even if you have glass windows, if somebody throws a stone at them you do not share responsibility. Vandalism (and that is what was effectively done) is always 100% the fault of the vandal.

Now, having inadequate security is something else. But the respective laws are still in their infancy.

Re:What were the consequences

Let me give you a more valid window glass analogy. If you had invested in better glass, the kids rock would not have smashed your window.

Plus we're talking about DDoS here. That is not trivial to protect against. Your jab at Microsoft is silly.

Re:What were the consequences

[flonker]

How would you "secure" a system against a DDoS? The only solution is to throw money at the problem. Yes, you can mitigate to some degree, but the numbers get very big very fast regardless.

Quick google turns up "DDoS attack size broke 100 Gbps for first time" from Feb 2011. The only way to prevent 100 Gbps of traffic from drowning your site is to have *significantly* more than 100 Gbps of bandwidth available to you, or to hire someone who does. And even then, someone must pay for that bandwidth.

Another hurdle to overcome is if someone is attacking your application layer, you have to throw CPU cycles (and possibly RAM) at the problem to solve it. If you assume a typical HTTP request of 1k, handling or filtering 100M (or even 1M @ 1Gbps) http requests per second is going to require some hefty hardware. A quick google gives the number 3k requests per second for a typical apache server serving blank pages. You would need 300 web servers to handle 1M requests, and 30,000 to handle 100M requests. Numbers are just ballpark figures, and may be off by an order of magnitude or two, but you get the idea.

In short, protecting against a DDoS is hardly professional neglect. It's a financial decision. Even if you hire someone else to handle it for you, someone eventually pays the price.

Interesting note from the article

[Zontar_Thing_From_Ve]

I am not claiming to personally be the greatest expert on Slashdot of the ex-USSR. However, I do speak Russian reasonably well and I have traveled in the ex-USSR so I do think it's fair to say that I'm more familiar with the CIS countries and the people that live there than most people. I admit to being a bit puzzled to read that Armenia jailed someone. Armenia is seemingly uninterested in joining NATO and the EU and as far as I know they get along pretty well with Mother Russia. Outside of the Baltic Countries (Estonia, Lithuania, Latvia) who are fully integrated into the EU and NATO, laws are weak and corruption is high. I was wondering "Why would Armenia bother to prosecute this guy and jail him, given that in the past the entire CIS has basically never been interested in such?". There doesn't seem to be any political reason (ie. no sucking up to the EU or NATO) at work here. Surely this guy would have been smart enough to just bribe his way out of trouble. Then I noticed this in the article:

One of the attacks that Avanesov was found guilty of instrumenting took place on Oct. 1, 2010, and targeted a Russian telecommunication company called Macomnet.

Ah. He foolishly attacked Mother Russia. Now I understand why he was convicted.