Severe penalties for creating, using and distributing malware

Article 273 of the Criminal Code of the Russian Federation is a state-established law that provides punishment for the development and expansion of malicious programs.
Destabilization of computer operation causes damage to government, industrial structures, institutions and ordinary users. And although law enforcement agencies are pursuing those who create viruses, there are not fewer of them. It is a pity that people’s talent and abilities are directed into criminal activities. Multi-channel free hotline Legal advice on criminal law. Every day from 9.00 to 21.00

Moscow and region: +7 (495) 662-44-36

St. Petersburg: +7 (812) 449-43-40

A short excursion into the world of IT

Virus programs for computers are considered to be applications that can disable equipment, copy, destroy, or transfer confidential user data to others. They are divided into several types:

• viruses . These are programs that get onto user devices and carry out unauthorized actions;
• worms These are programs with malicious code that can be automatically distributed on infected devices. Each new copy receives the same properties as the previous ones;
• Trojans _ This is one of the most dangerous types of malware. Trojans are created for a specific task, for example, copying data or blocking part of the system commands. However, they do not know how to copy themselves;
• malicious utilities. These include, for example, miners. They get onto the users’ computer and mine cryptocurrency for their owners;
• adware, pornware and riskware . These include viruses that cause advertisements or programs to remotely control a PC to appear on computers. They can be used for both benefit and harm;
• “warez software”. This refers to patches, cracks, keygens and other software for deactivating security measures.

Computer program

It should be understood as an objective form of providing a set of commands and data intended for the operation of computers and other computer devices in order to obtain certain results.

A computer program that is deliberately intended for unauthorized destruction, modification, blocking, copying of information, as well as to neutralize security measures, a specially created (written) program, is called malicious. Upon gaining control, it is capable of performing actions that are not authorized by the user and causing damage as a result.

About Article 273 of the Criminal Code of the Russian Federation

Article 273 of the Criminal Code of the Russian Federation regulates crimes related to the creation and distribution of malware:

1. Creation of programs whose main purpose is to copy information , destroy, block or modify data, or eliminate anti-virus programs and other means to protect computer information .
2. Actions from paragraph 1, committed by a group of persons or a professional group, or an official using his position for this purpose.
3. Actions from parts 1 and 2 of the article that resulted in grave consequences that caused damage to the organization or an ordinary user.

Let's turn to the comments to this article of the Criminal Code of the Russian Federation.

1. The object of the crime under this article is considered to be public safety and order. The objective side includes the fact that a malicious program has been created, the purpose of which is to copy, block, and destroy information.
2. Methods of committing this act include the creation and transmission of virus software.
3. The corpus delicti is formal. Creating malware already entails liability even without consequences.
4. The subject of a crime can be any person who has reached the age of 16 and is recognized as sane.
5. If the acts from the 1st part of Article 273 of the Criminal Code of the Russian Federation were committed by a group of persons, more serious consequences are provided for this.
6. Storing virus program code entails criminal liability.

Criminal legal characteristics

An object

User safety when operating computer equipment, programs and applications.

Objective side

Work aimed at destabilizing the technical capabilities of trusted programs.

Activities that contribute to an increase in the number of malicious computer programs (development and distribution in paper or electronic form of codes that destabilize the operation of computers)

Subject

A person who has reached 16 years of age and is recognized as capable and sane.

Subjective side

Direct intent of the accused party (when working on malicious code, its creator was aware of the possibility of the program causing harm to a user's computer).

Composition of the crime and qualifications

A crime is considered committed when the criminal begins to create virus software, and not after he begins to distribute it, as some users mistakenly believe.

The crime is divided into several stages:

• development of virus software;
• implementation;
• its separation;
• consequences of malware.

It is on the basis of these qualifying features that the crime is formed, its severity and the damage caused is assessed.

What is a distributed denial of service attack?

A Distributed-Denial-of-Service (DDoS) attack operates similarly to a regular denial-of-service attack.

However, a distributed denial of service attack is carried out using a large number of computers.

Typically, in a distributed denial of service attack, hackers use one compromised computer as the "master" computer that coordinates the attack from other zombie computers.

Typically, a cybercriminal hacks into the host computer and all zombie computers by exploiting a vulnerability in the applications to install a Trojan horse or other piece of malicious code.

For more information about distributed denial of service attacks, see Distributed Network Attacks/DDoS.

How is malware transmitted?

To protect yourself from the effects of virus software, you need to understand how it gets onto user devices. This mainly happens in one of the following ways:

• the malware enters via removable media, such as a USB flash drive;
• through the Internet. Users visit dubious, phishing sites or open files sent by email from suspicious individuals.

Reference. Phishing is a type of Internet fraud to gain access to confidential user data - logins and passwords.

You can determine that your computer is infected by the following signs:

• he slows down;
• constant freezes of the operating system;
• System applications do not work as expected.

What is phishing?

Phishing is a special type of computer crime that involves tricking a user into revealing valuable information, such as bank account or credit card information.

Typically, cybercriminals create a fake website that looks just like a legitimate one, such as a bank's official website.

Cybercriminals try to trick a user into visiting their fake site, usually by sending them an email containing a hyperlink to the fake site.

When you visit a fake site, you will typically be prompted to enter sensitive information, such as a username, password, or PIN.

For more information about phishing, read the article “Spam and Phishing”

Responsibility

1. According to Article 273 of the Criminal Code of the Russian Federation, someone who has committed a criminal act may receive 4 years of restriction or imprisonment, or 4 years of forced labor; Plus, they face a fine of up to 200 thousand rubles or up to 18 months’ earnings.
2. If the crime was committed by an organized group, each member receives imprisonment for a period of 5 years, or forced labor for the same period, or restriction of freedom for 4 years; There is also a fine of 100 to 200 thousand rubles.
3. In cases where the creation of virus software has led to particularly serious consequences, the offender can receive up to 7 years in prison.

Attention. Article 273 provides for liability even for storing malware codes on any media. This is explained by the fact that most often the creation of code for such programs begins with simply writing it on paper or in a computer document. This fact alone is grounds for prosecution.

There may be cases where a person spread the virus accidentally. He downloaded malware without realizing it and it spread across the network. In this case, there is no direct intent and the crime cannot be classified. The creator of the virus and its distributor on the Internet will be considered guilty.

Examples from judicial practice

Case 1

For distributing the Windows 8 hacking program, a 29-year-old resident of the Kemerovo region was sentenced to 9 months of correctional labor and partial restriction of freedom of movement for the same period. The restriction of freedom is expressed in the prohibition to leave the region between 22:00 and 6:00 .

The accused’s selfish intent is the desire to earn bonus benefits from the provider.

Case 2

43 St. Petersburg residents were sentenced to 2 years of probation and a fine of 20,000 rubles for distributing malware that could deactivate anti-virus applications. The offense: the program was transferred by the offender to a police officer.

The use of a program containing malicious code led to undesirable consequences in the system of a law enforcement agency.

For trying to facilitate access to secret information using computer programs, you can pay not only with money, but also with freedom .

Method of investigating such crimes

The investigation of crimes related to the development and transmission of virus software consists of two main stages:

1. It is necessary to establish the fact that virus software was created.
2. We need to find the creators and distributors of this software.

If we are talking about a crime related to any enterprise, then the criminal can be identified through employee surveys.

If people are identified who are too interested in the company's software, but are not related to it by profession, then they will be the first to be suspected.

How can you prove innocence?

The main way to prove innocence is to have an alibi, that is, direct evidence that you did not commit the crime because you simply could not do it.

If there is no alibi, you need a competent lawyer who is well versed in the law. If a lawyer is an expert in his field, he will at least be able to achieve a minimum prison term for his client.

In what cases are they not held accountable?

Companies that develop antivirus software and have the appropriate license are not held liable. They legally have the right to use virus codes.

Persons who use such software for their own needs, that is, to destroy their own information on their own devices, have not yet been held accountable.

What is a denial of service attack?

Denial-of-Service (DoS) attacks interfere with or stop the normal functioning of a website, server, or other network resource.

Hackers achieve this in several ways, for example, by sending the server so many requests that it is not able to process.

The server will be slower, web pages will take much longer to open, and the server may crash completely, causing all websites on the server to be unavailable.