DDoS attacks will enter the Criminal Code (Articles 272-274)
A number of Russian Internet companies, with the support of Group-IB, have initiated amendments to the Criminal Code of the Russian Federation. Chapter 28 of the Criminal Code “Computer Crime Offenses” is proposed to be supplemented with new qualifying signs, including on the organization and commission of DD-S attacks, for phishing and spam.
The structure of crimes will be designated and the evidentiary base on them will be clarified, the places of the crime will be established.
Group-IB company is engaged in the investigation of crimes in the field of IT commissioned by commercial companies (including traps organizers of DDoS attacks). A company spokesman explained that the existing legislation makes it possible to hold accountable only for infecting a computer, but not for DDoS itself. That is, in the case of a botnet, you need to look for "victims" from among the owners of zombie PCs, which distorts the whole point of the matter, where the real victim is a large company or financial institution affected by DDoS.
Chapter 28 of the Criminal Code contains three articles: article 272 “Illegal access to computer information”, article 273 “Creation, use and distribution of malicious computer programs” and article 274 “Violation of computer operating rules, computer systems or their networks”. These articles provide for a variety of penalties, including fines, correctional labor, compulsory work (up to 240 hours), arrest or imprisonment for up to seven years.
')
The draft amendment to the Criminal Code is currently at the stage of agreeing on a concept.
The structure of crimes will be designated and the evidentiary base on them will be clarified, the places of the crime will be established.
Group-IB company is engaged in the investigation of crimes in the field of IT commissioned by commercial companies (including traps organizers of DDoS attacks). A company spokesman explained that the existing legislation makes it possible to hold accountable only for infecting a computer, but not for DDoS itself. That is, in the case of a botnet, you need to look for "victims" from among the owners of zombie PCs, which distorts the whole point of the matter, where the real victim is a large company or financial institution affected by DDoS.
Chapter 28 of the Criminal Code contains three articles: article 272 “Illegal access to computer information”, article 273 “Creation, use and distribution of malicious computer programs” and article 274 “Violation of computer operating rules, computer systems or their networks”. These articles provide for a variety of penalties, including fines, correctional labor, compulsory work (up to 240 hours), arrest or imprisonment for up to seven years.
')
The draft amendment to the Criminal Code is currently at the stage of agreeing on a concept.
Source: https://habr.com/ru/post/116477/
All Articles