Proposed legislation would strengthen cybercrime laws

By Marcia Savage, Features Editor, Information Security magazine 23 Oct 2007 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

Legislation introduced in the U.S. Senate Monday would boost cybercrime laws and ban the creation of botnets.

Senators Orrin Hatch (R-Utah) and Joseph Biden, Jr. (D-Delaware) introduced the Cybercrime Act of 2007 to update existing laws and close what they say are loopholes that online criminals can exploit.

For example, they said, felony provisions that outlaw damaging a computer network apply only if a cybercriminal causes more than $5,000 worth of damage in any given year. If an attacker damages 1,500 PCs, law enforcement is faced with the challenge of identifying all the victims to prove the total damage is more than $5,000. Their legislation would provide law enforcement officials with the alternative of proving a cybercriminal damaged 10 or more computers.

Cybercrime crackdown: Top spammer indicted on email fraud, identity theft: The arrest may reduce the volume of spam in the short-term, say experts and analysts, but the real spam threat comes from criminal gangs based in Asia and Russia. New image spam sneaks into inboxes: Researchers at Secure Computing Corp. have discovered a new form of image spam that is sneaking into corporate systems and clogging inboxes. Technology making headway in spam battle: Few people in the world know more about identifying and stopping spam and other unwanted email than Paul Judge. Reputation systems gaining credibility in fight against spam: Now that nearly all organizations are employing some sort of anti-spam technology, spammers know their only hope for success lies with outwitting spam-detection strategies. But as Mike Rothman writes, the emergence of reputation-based systems is helping fight the spam battle.

The bill would also update extortion laws by banning not only threats to damage computers but also threats to reveal confidential information illegally obtained from computers. Creating botnets that could be used in online attacks would also be prohibited.

In addition, the bipartisan legislation would authorize the U.S. Sentencing Commission to update its guidelines applicable to computer crimes, and provide funds for local and federal law enforcement officials to investigate cybercrime.

The government made a push in May to crack down on spammers with the arrest of Robert Alan Soloway, who is accused of using botnets to send out millions of spam emails. Spammers have become increasingly sophisticated developing techniques to trick antispam software. Botnet sophistication is also continuing to increase baffling some security researchers and making it difficult for law enforcement to build a case against suspected offenders.

"The Cybercrime Act of 2007 helps law enforcement pull the plug on hackers and other cybercriminals by expanding our current cybercrime laws relating to damages and extortion and by providing key funding to help catch these Internet thieves," Biden said in a statement.

The Business Software Alliance applauded the bill. "We're facing a new breed of criminals in cyber space, and law enforcement needs additional tools to fight them … Enacting this legislation is critical to addressing the realities of cyber crime today," BSA President and CEO Robert Holleyman said in a statement.

The Senate Judiciary Committee must vote on the legislation before the Senate can consider it.

In May, the Cybersecurity Enhancement Act of 2007 was introduced in the House and would earmark $30 million a year through 2011 for federal law enforcement agencies to investigate cybercrime. It also would broaden penalties for online crime and expand sentencing guidelines for cybercrime.

Sound Off! -   Be the first to post a message to Sound Off!

Tags: Information Security Laws, Investigations and Ethics,  Organized Cybercrime,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us