Botnet Prevention Act would allow law enforcement, court to disrupt ‘zombie’ computer networks

PROVIDENCE – The proposed Botnet Prevention Act of 2016 would provide law enforcement and courts additional power to stop botnets – networks of infected computers used to commit cybercrime, according to U.S. Sen. Sheldon Whitehouse.
“Cybercriminals can wield these armies of zombie computers to carry out all manner of criminal activity – from pillaging private data, to shutting down businesses’ websites, to attacking critical infrastructure,” Whitehouse said in a statement. “This bill will arm law enforcement and our courts with tools to help fight back and better protect Americans from cybercrime.”
U.S. Sen. Richard Blumenthal, D-Conn., said it may sound “like something straight out of a sci-fi movie,” but these networks present “a real threat” to the nation’s security.
“This critical legislation would give law enforcement the tools it needs to fight back against cybercrime – one zombie computer network at a time,” Blumenthal said.
Botnets are formed by infecting computers of unsuspecting users with malware. The originator of the infection then has total control over the machine, stealing such things as personal and financial information by infiltrating online bank accounts.
According to estimates from the U.S. Department of Justice, botnets infect 500 million computers each year, or 18 victims per second.
The Botnet Prevention Act, introduced last week, would strengthen law enforcement and courts’ authority by enhancing the DOJ’s authority to obtain injunctions used to shut down botnets.
Under current law, the DOJ’s authority to seek injunctions is limited to botnets engaged in fraud or illegal wiretapping. The bill would expand that authority to cover more illegal activity, including the destruction of data, denial-of-service attacks used to disrupt websites and other criminal acts that damage computers.
The act also would grant judges discretion to impose tougher penalties on those who attack the computers that control critical infrastructure, such as dams, power plants and hospitals. And, a new criminal offense would be created for criminals who sell access to compromised computers in a botnet. Current law makes it difficult to prosecute sellers of access to compromised computers, especially when the seller is not the person who compromised the computer in the first place. No current criminal law directly prohibits this conduct, but the legislation would close this loophole, according to information from Whitehouse.

No posts to display