Experts tell us how to avoid having your personal page hacked

1. Unlawful access to computer information protected by law, if this act entailed the destruction, blocking, modification or copying of computer information, is punishable by a fine in the amount of up to two hundred thousand rubles or in the amount of the wages or other income of the convicted person for a period of up to eighteen months, or by correctional labor for a term of up to one year, or restriction of liberty for a term of up to two years, or forced labor for a term of up to two years, or imprisonment for the same term.

2. The same act, which caused large damage or was committed out of selfish interest, is punishable by a fine in the amount of one hundred thousand to three hundred thousand rubles, or in the amount of the wages or other income of the convicted person for a period of one to two years, or by correctional labor for a term from one year to two years, or restriction of liberty for a term of up to four years, or forced labor for a term of up to four years, or imprisonment for the same term.

3. Acts provided for in parts one or two of this article, committed by a group of persons by prior conspiracy or by an organized group or by a person using their official position, are punishable by a fine in the amount of up to five hundred thousand rubles or in the amount of the wages or other income of the convicted person for a period up to three years with deprivation of the right to hold certain positions or engage in certain activities for a term of up to three years, or restriction of freedom for a term of up to four years, or forced labor for a term of up to five years, or imprisonment for the same term.

4. Acts provided for in parts one, two or three of this article, if they entailed grave consequences or created a threat of their occurrence, are punishable by imprisonment for a term of up to seven years.

Notes.

1. Computer information means information (messages, data) presented in the form of electrical signals, regardless of the means of their storage, processing and transmission.

2. In the articles of this chapter, major damage is recognized as damage the amount of which exceeds one million rubles.

What the law says

Article 272 of the Criminal Code of the Russian Federation. Unauthorized access to computer information1. Unlawful access to computer information protected by law, if this act entailed the destruction, blocking, modification or copying of computer information, is punishable by a fine in the amount of up to two hundred thousand rubles or in the amount of the wages or other income of the convicted person for a period of up to eighteen months, or by correctional labor for a term up to one year, or restriction of freedom for a term of up to two years, or forced labor for a term of up to two years, or imprisonment for the same term.2. The same act, which caused large damage or was committed out of selfish interest, is punishable by a fine in the amount of one hundred thousand to three hundred thousand rubles, or in the amount of the wages or other income of the convicted person for a period of one to two years, or by correctional labor for a period of one year. up to two years, or restriction of freedom for a term of up to four years, or forced labor for a term of up to four years, or imprisonment for the same term.3. Acts provided for in parts one or two of this article, committed by a group of persons by prior conspiracy or by an organized group or by a person using their official position, are punishable by a fine in the amount of up to five hundred thousand rubles or in the amount of the wages or other income of the convicted person for a period of up to three years from deprivation of the right to hold certain positions or engage in certain activities for a term of up to three years, or restriction of freedom for a term of up to four years, or forced labor for a term of up to five years, or imprisonment for the same term.4. Acts provided for in parts one, two or three of this article, if they entailed grave consequences or created a threat of their occurrence, are punishable by imprisonment for up to seven years. Notes. 1. Computer information means information (messages, data) presented in the form of electrical signals, regardless of the means of their storage, processing and transmission.2. In the articles of this chapter, major damage is recognized as damage the amount of which exceeds one million rubles.

The owner of the account (if it is dear to him, of course) usually has evidence of its ownership and evidence of the transfer of money to his account. Having taken these documents, he calmly goes to the nearest police station and registers a statement about the fact of theft.

Criminal Code of the Russian Federation Article 158. Theft (as amended by Federal Law No. 162-FZ of December 8, 2003)

(see text in the previous edition)1. Theft, that is, the secret theft of someone else's property, is punishable by a fine in the amount of up to eighty thousand rubles or in the amount of the wages or other income of the convicted person for a period of up to six months, or by compulsory labor for a period of up to three hundred sixty hours, or by corrective labor for a period of up to one year. , or restriction of freedom for a term of up to two years, or forced labor for a term of up to two years, or arrest for a term of up to four months, or imprisonment for a term of up to two years.

What is the penalty for using unlicensed software?

When using any software, including accounting, legal entities and individuals must respect the copyright of the developer. Installing any unlicensed software and using databases automatically makes the user liable to copyright law. Punishment for violation of the law can be not only administrative, but also criminal.

How to find users of unlicensed software

The police are responsible for establishing facts of violations of copyright law and crimes in this area. Most often, Art. 146 of the Criminal Code of the Russian Federation “Violation of copyright and related rights”, Art. 28.1 of the Code of Administrative Offenses of the Russian Federation “Initiation of a case of an administrative offense” and Art. 140 of the Code of Criminal Procedure of the Russian Federation “Reasons and grounds for initiating a criminal case.”

Before a company or individual user faces a complaint from the police, they may receive notification letters from software developers, for example, Microsoft, with a recommendation to check the network for certified software. Or the organization may receive a call from a developer’s representative with a proposal to conduct an audit of the current software.

So, an administrative/criminal case can be initiated by:

• receipt of an application from the copyright holder of the software;
• the presence of a violation identified by a police officer;
• signal of a violation from other sources.

The user of unlicensed software is at great risk, because a simple message (oral or written) is enough for a police check. A visitor to a company, its own employee or an employee of a competing company, a neighbor, if unlicensed software is used at home, etc. can report a violation of the law to the authorities.

In this case, the offender finds himself alone on his side of the barricade, and on the side of law enforcement agencies there are a number of interested companies and individuals. Please note that copyright protection is now entrusted to the Non-Profit Partnership of Software Suppliers (NP PPP).

Everything is extremely simplified: on the NP PPP website there is a mailbox that accepts messages indicating who and where is violating copyright, using unlicensed copies of 1C software products. This can also be done anonymously - the authorities will still respond to the message properly.

We save your time - we answer questions briefly but clearly

1. Enforcement of copyright law and its violations under police supervision.
2. The authorities will begin an inspection upon receiving any (official, unofficial, targeted or anonymous) message. It can be done by an employee of the company, an employee of a competing company, a visitor to the company, or any person who suspects you of violating copyright.
3. Third sector organizations (public non-profit partnerships) may participate in the investigation.
4. Pirated use of software and systematized information from the developer is punishable administratively or criminally.
5. Either administrative or criminal penalties apply.
6. According to Article 1301 of the Civil Code of the Russian Federation, compensation for damages is established for violation of copyright in the field of software and the development of updates to it.

Administrative responsibility for the use of unlicensed software

Do you use computer programs and databases illegally? Be prepared for fines as part of administrative penalties under Art. 7.12 Code of Administrative Offenses of the Russian Federation. What penalties apply:

• 1500-2000 rubles will be paid by individuals;
• 10,000-20,000 will be collected from officials and individual entrepreneurs;
• The organization will pay 30,000-40,000 rubles from its own accounts.

A simultaneous fine will follow both for the offending organization and for management officials who do not control the implementation of the law. The main responsibility for using unlicensed 1C software falls on the general director, system administrator, and chief accountant, as individuals who use pirated software for the organization's work.

Judicial practice, confirmed by the recent example of the Magistrate Court of judicial district No. 99 of St. Petersburg dated April 26, 2018, prescribes fines for unauthorized updating of programs.

Fines are not the final punishment. According to Art. 7.12 of the Code of Administrative Offenses of the Russian Federation will be followed by the mandatory seizure of counterfeit copies of programs along with the equipment on which they were installed.

In total, an organization that illegally uses the software and its upgrade is punished as follows:

• pays a fine;
• is deprived of counterfeit software;
• loses equipment with illegally installed software.

Now estimate the extent of the damage for the love of freebies. Example from life:

a certain company, let's call it N, received an e-mail from Microsoft stating that it was necessary to check the network for the presence of their software and fill out a certain document. The company used the software illegally, not on purpose, but “everyone does it.” The letter from the largest software developer was ignored. Later, a call came from a Microsoft representative with the same offer. The management calculated how much it would cost to replace it with licensed software and decided... to ignore the call. Two weeks later, the company was subject to a police inspection, as a result of which the company was fined 2 million rubles. The amount itself is quite large, and besides, if the prosecutor’s office proved malicious intent, everything resulted in criminal liability. However, the company was lucky and the parties agreed on compensation and the purchase of licensed software. As a result, Company N paid triple the price it would have paid if it had purchased legitimate software in the first place.

A penalty such as a fine with confiscation of computers is valid if the total cost of illegally installed programs is up to 100,000 rubles (see note to Article 146 of the Criminal Code of the Russian Federation). This is an administrative offense. If the amount of damage is higher, then unauthorized actions will be classified as a crime under the Criminal Code of the Russian Federation. The example provides only for an administrative violation (not a criminal violation).

Criminal liability for the use of unlicensed software
A certain cost of illegally used software exceeding 100 thousand rubles entails criminal punishment under Part 2 of Art. 146 of the Criminal Code of the Russian Federation. It is calculated by police officers, taking as a basis market prices for similar programs (directly from the manufacturer or dealer).

The article mentioned above provides the following sanctions for the use of pirated software:

• fine amount up to 200,000 rubles;
• free community service for up to 480 hours;
• corrective or forced labor for up to 2 years;
• imprisonment for up to 2 years.

The total cost of pirated software is more than 1 million rubles, implies the effect of Article Part 3 of Art. 146 of the Criminal Code of the Russian Federation, here the punishment is much harsher:

• forced labor for up to 5 years;
• imprisonment for a term of up to 6 years with or without a fine of up to 500,000 rubles.

These measures also apply to, for example, the director of a company who has authorized the installation and use of unlicensed software; and for the system administrator who installed the software with the consent of the manager. The rule applies even if the cost of the assigned software is less than 1 million rubles.

To the manager:

• First of all, the head of the organization is accused, even if he claims ignorance of the use of pirated software in his enterprise;
• preliminary investigation conducted by the police under Art. 146 of the Criminal Code of the Russian Federation, issues a mandatory request to the management of the organization to check the software operating in the office. The manager or authorized person must provide licenses for existing software within a few days or submit a statement about the absence of licensed programs;
• the company has several days to check - the manager’s excuse “I didn’t know” will not work;
• During a criminal case, the copyright holder has the right to bring a civil claim against the company at fault with the payment of monetary compensation (example from judicial practice: appeal ruling of the Sverdlovsk Regional Court dated May 17, 2018 No. 22-3666/2018).

Civil liability for the use of unlicensed software

Often, the copyright holder of the software has no idea that a case is being conducted against a certain company or individual for violating the use of unlicensed software. However, in the interests of the former, Art. 1301 of the Civil Code of the Russian Federation, which imposes financial liability on the violator. The police notify the copyright holder of a violation and request information. Then the copyright holders become civil plaintiffs in the case and in accordance with Art. 1301 of the Civil Code of the Russian Federation has the right to demand from the defendant payment of compensation:

• double the cost of the program,
• from 10 thousand to 5 million rubles.

The exact amount of compensation depends on the severity of the violation and is determined by the court.

Specific answers to frequently asked questions:

1. Some compensation will be charged for each copy present on each individual computer.
2. Even if the pirated program was not used for work, damages are due. The very fact of its presence on the computer is valid (appeal ruling of the Sverdlovsk Regional Court dated May 29, 2018 No. 22-3969/2018).
3. The owner of intellectual property has the right not only to hold the infringer accountable and demand payment of compensation. He can achieve, through the prosecutor's office, the liquidation of the violating organization or the termination of the activities of the individual entrepreneur (1253 of the Civil Code of the Russian Federation).
4. An organization is liquidated by a court decision if it is repeatedly found to have violated copyright law.

According to users, the high price for official software and updates is not a reason to use pirated programs. Please note that detection of the presence of counterfeit programs is fraught with fines of tens of millions, prison sentences and the liquidation of your business altogether.

Illegal software updates
Software updates are independent intellectual property items, just like software. Many updates are protected by the manufacturer from unauthorized use technologically and programmatically. Accordingly, in order to use them, the user needs to select a “key”. Accordingly, his objection that he did not think that he was acting illegally is no longer logical.

A bypass of a legitimate software update proven by the police can result in a lawsuit where the defendants are the hacker and the users of the updates. Art. 272 of the Criminal Code of the Russian Federation and Art. 273 of the Criminal Code of the Russian Federation, which carries a maximum penalty of imprisonment for up to 5 years. Positive judicial practice is periodically updated with new examples.

Example

There is a precedent in history for opening a criminal case for account theft.

A 20-year-old resident of Volgodonsk (Rostov region) could spend two years in a colony if he is found guilty of stealing a virtual character from the popular online game Lineage 2. A hacker stole from a resident of Murmansk one of the most advanced characters in the game under the nickname BSL; a Murom resident estimated his damage at 5,000 rubles. The creators of the game note that such thefts occur every day, but few people turn to the police for help.

A resident of the city of Volgodonsk was detained on suspicion of stealing a virtual character from the game Lineage 2, the press service of the Ministry of Internal Affairs for the Rostov Region officially reported. Now he faces up to two years in prison under Article 272 of the Criminal Code of the Russian Federation (illegal access to computer information). The suspect is now under recognizance not to leave the place; an employee of the press service of the Ministry of Internal Affairs refused to name the criminal, citing the presumption of innocence. The former owner of the character under the nickname BSL contacted the Murmansk police department. The man said that he had been subjected to a hacker attack; he had been leveling up his character for several years, and the total amount of money spent on improving it exceeded 5,000 rubles.

General Director of Innova Gevorg Sargsyan explained that character thefts in the computer game Linage occur quite often, but not all users turn to law enforcement agencies. “Virtual characters are stolen every day, we are fighting these illegal actions, including advising users to introduce additional protection for their accounts. Frauds are also quite common: for example, a user who has agreed to sell his character, after the transaction, declares it stolen. We also try to stop this,” says Mr. Sargsyan.

Telecommunications lawyer Anton Bogatov explained to RBC daily that such cases still rarely come to court, since gamers do not like to contact law enforcement agencies on such issues. “As a rule, players simply do not come to the local police station. However, now there is reason to believe that the police solved this cybercrime quite quickly and efficiently. The main thing is to quickly seek help,” the expert believes.

Pfizer/BioNTech and the European Medicines Agency (EMA)

In December 2021, two sophisticated attacks by the Lazarus group on the European Medicines Agency were discovered. As a result of the attack, research data on the Pfizer/BioNTech vaccine was “stolen.” BioNTech, the developer of the Pfizer vaccine, says in a letter on its official website that the vaccine's regulatory documents have been compromised.

During the investigation of the hack, it was discovered that two Windows servers of a government agency were compromised on October 27 using a sophisticated malware known to Kaspersky Lab as wAgent.

The attack itself on the data of the vaccine manufacturer, according to Kaspersky Lab, started on September 25. It was carried out using the Bookcode malware.

The investigation is still ongoing and exact information about the quantity and quality of stolen information has not been disclosed.

However, it was possible to analyze in detail the infrastructure of the Lazarus group, right down to identifying IP addresses and establishing the area in Pyongyang (North Korea), from where the attacks were most likely carried out.

The report also notes that since last year, Lazarus participants have been taking active measures to disguise themselves as “Russian hackers” - in particular, including comments in Russian in the codes. However, mistakes made in this case nullify the effect of such disguise.

Millions for passwords from social networks

The Zavodsky District Court of Kemerovo sentenced a 20-year-old city resident for stealing logins and passwords of Internet users. He collected data for sale to third parties.

The Russian, whose name has not been disclosed, as a result of his activities, according to information from the FSB Directorate for the Kemerovo Region, earned more than 4.5 million rubles. Why his clients might need logins and passwords was not known at the time of publication of the material. According to the department, they used them to commit crimes.

"Entrepreneur" from Kemerovo

4.5 million rubles. The young Kemerovo resident, as reported by representatives of the FSB Directorate for the Kemerovo Region, earned money in less than a year - he carried out criminal activities for 11 months. As of January 24, 2021, the exact number of people affected by his actions was not known.

The Russian obtained logins and passwords using a certain “hacker” virus - he was distributing it on the Internet, and by infecting users’ computers, he received information about their logins and passwords for various web services. The department did not provide information about the clients of the Kemerovo “hacker.”