Proposed legislation would strengthen cybercrime laws

By Marcia Savage, Features Editor, Information Security magazine 23 Oct 2007 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

Legislation introduced in the U.S. Senate Monday would boost cybercrime laws and ban the creation of botnets.

Senators Orrin Hatch (R-Utah) and Joseph Biden, Jr. (D-Delaware) introduced the Cybercrime Act of 2007 to update existing laws and close what they say are loopholes that online criminals can exploit.

For example, they said, felony provisions that outlaw damaging a computer network apply only if a cybercriminal causes more than $5,000 worth of damage in any given year. If an attacker damages 1,500 PCs, law enforcement is faced with the challenge of identifying all the victims to prove the total damage is more than $5,000. Their legislation would provide law enforcement officials with the alternative of proving a cybercriminal damaged 10 or more computers.

Cybercrime crackdown: Top spammer indicted on email fraud, identity theft: The arrest may reduce the volume of spam in the short-term, say experts and analysts, but the real spam threat comes from criminal gangs based in Asia and Russia. New image spam sneaks into inboxes: Researchers at Secure Computing Corp. have discovered a new form of image spam that is sneaking into corporate systems and clogging inboxes. Technology making headway in spam battle: Few people in the world know more about identifying and stopping spam and other unwanted email than Paul Judge. Reputation systems gaining credibility in fight against spam: Now that nearly all organizations are employing some sort of anti-spam technology, spammers know their only hope for success lies with outwitting spam-detection strategies. But as Mike Rothman writes, the emergence of reputation-based systems is helping fight the spam battle.

The bill would also update extortion laws by banning not only threats to damage computers but also threats to reveal confidential information illegally obtained from computers. Creating botnets that could be used in online attacks would also be prohibited.

In addition, the bipartisan legislation would authorize the U.S. Sentencing Commission to update its guidelines applicable to computer crimes, and provide funds for local and federal law enforcement officials to investigate cybercrime.

The government made a push in May to crack down on spammers with the arrest of Robert Alan Soloway, who is accused of using botnets to send out millions of spam emails. Spammers have become increasingly sophisticated developing techniques to trick antispam software. Botnet sophistication is also continuing to increase baffling some security researchers and making it difficult for law enforcement to build a case against suspected offenders.

"The Cybercrime Act of 2007 helps law enforcement pull the plug on hackers and other cybercriminals by expanding our current cybercrime laws relating to damages and extortion and by providing key funding to help catch these Internet thieves," Biden said in a statement.

The Business Software Alliance applauded the bill. "We're facing a new breed of criminals in cyber space, and law enforcement needs additional tools to fight them … Enacting this legislation is critical to addressing the realities of cyber crime today," BSA President and CEO Robert Holleyman said in a statement.

The Senate Judiciary Committee must vote on the legislation before the Senate can consider it.

In May, the Cybersecurity Enhancement Act of 2007 was introduced in the House and would earmark $30 million a year through 2011 for federal law enforcement agencies to investigate cybercrime. It also would broaden penalties for online crime and expand sentencing guidelines for cybercrime.

Tags: Information Security Laws, Investigations and Ethics,  Hacker Tools and Techniques: Underground Sites and Hacking Groups,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Information Security Laws, Investigations and Ethics Cybersecurity czar candidate questions clout of new position DHS fills National Cybersecurity Center post FTC shutters rogue ISP for hosting malicious content, botnets Experts optimistic of Obama cybersecurity plan WH cybersecurity plan needs private sector guidance Obama announces creation of cybersecurity coordinator position Cybersecurity Act of 2009: Power grab, or necessary step? Face-off: Who should be in charge of cybersecurity? Feds should get private sector advice on cybersecurity Federal efforts to secure cyberinfrastrucure Hacker Tools and Techniques: Underground Sites and Hacking Groups Juniper pulls ATM hacking presentation from Black Hat Botnet platform helps cybercriminals bid for zombie PCs Man pleads guilty in online banking hacking scam ATM malware lets attackers take over machines The failing war against cybercriminals Hacker attack techniques and tactics: Understanding hacking strategies The Pipe Dream of No More Free Bugs Government needs a plan to limit Web usage during a security crisis Mobile phones win during Pwn2Own contest Black Hat DC 2009: Joanna Rutkowska on Intel TXT flaws

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary CALEA  (SearchSecurity.com) cyberstalking  (SearchSecurity.com) cypherpunk  (SearchSecurity.com) HSPD-7  (SearchSecurity.com) I-SPY Act  (SearchSecurity.com) Information Awareness Office  (SearchSecurity.com) intelligence community  (SearchSecurity.com) lawful interception  (SearchSecurity.com) lifestyle polygraph  (SearchSecurity.com) vulnerability disclosure  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary