Civil Cyberconflict: Microsoft, Cybercrime, and Botnets

2014; Routledge; Volume: 31; Issue: 2; Language: English

ISSN

0882-3383

Authors

Janine S. Hiller

Topic(s)

Cybersecurity and Cyber Warfare Studies

Abstract

TABLE OF CONTENTS

INTRODUCTION
I. BOTNETS AND TAKEDOWN APPROACHES
   A. Definitions and Threats
   B. The Conficker Working Group
   C. The FBI and DoJ
II. THE FIRST MICROSOFT OFFENSIVE
   A. Legal Allegations
   B. Legal Strategy and Procedure
      1. Ex Parte Proceeding
      2. Emergency Temporary Restraining Order and Preliminary Injunction
   C. Default Judgment
III. MICROSOFT TAKEDOWNS EVOLVE
   A. Rustock
   B. Kelihos
   C. Zeus
   D. Nitol
   E. Bamital
IV. COLLABORATIVE TAKEDOWNS
   A. Citadel
   B. ZeroAccess
V. ANALYSIS
   A. Crimtorts Lens
   B. Governance Theory Lens
   C. Strategic Management Lens
   D. International Lens
CONCLUSION

INTRODUCTION

Headlines of cyberattacks, data breaches, identity theft, spam, and social engineering draw public attention and outrage. Cyber warfare and hackback by private companies are a hot discussion topic for their potential to fight cybercrime and promote cybersecurity. (1) In the shadow of this provocative discussion, Microsoft has led a concerted, sustained fight against cybercriminals by using traditional legal theories and court actions to dismantle criminal networks known as botnets. This article brings focus to the role of the private sector in cybersecurity in light of the aggressive civil actions by Microsoft to address a thorny and seemingly intractable global problem.

The damage from cyberattacks is commonly delivered by means of large numbers of zombie computers infected with malware. Criminals and hacktivists surreptitiously and without authorization install software on individual computers, allowing them to control and use the multitude of computers to accomplish illicit purposes. The group of computers controlled can number into the hundreds of thousands, and even millions. With these large numbers, a criminal is able to wield increased power and extend his reach around the globe. The group of connected, controlled computers just described is called a botnet. Botnets are the plague of the Internet. (2)

Effective disarmament of growing numbers of global botnets is a difficult challenge; while technical solutions are developed to disrupt and disable them, the malicious controller responds with new tactics and increasingly sophisticated software. At the same time, the increasingly significant harm caused by these networks of hijacked computers, fueling cybercrime across the globe, makes it exponentially more important to control their spread. In addition, because botnets operate across national boundaries, disabling them can involve national and international legal and policy questions. As countries try to protect their citizens from malware that knows no physical boundaries, it is possible that the failure to control the growth and harmful effects of botnets could have such far-reaching effect as to create barriers within the fundamental Internet infrastructure and walled segments for protection. (3)

However, preventing the spread of illegal botnet activity is not only a public safety issue for law enforcement; private parties and businesses have been active in the remediation of malicious software. Thus, the questions surrounding a botnet takedown are complex. Over a relatively short period, government and private sector roles have evolved considerably in the search for a methodology to deal effectively with botnets. In order to understand the evolution, this article first provides a brief technical description of botnet operations and an explanation of why employing purely technical means has proven insufficient to handle the threat. Earlier voluntary efforts of loosely networked entities are explained and their limitations examined. Many private entities deserve recognition and credit for their fight against botnets. The limited focus of this article, however, is Microsoft's lead role in pursuing private civil action to thwart and disable botnets. The private, civil action legal approach to dismantling botnets is chronicled, highlighting the evolution of increasingly aggressive tactics and the involvement of law enforcement. …
