Obama Administration Proposes Giving Courts More Power to Issue Botnet Injunctions

Federal authorities want courts to have more leeway in granting injunctions to take down botnets.

The Obama administration has proposed an amendment to a federal law that would add operating a botnet to a list of offenses eligible for injunctive relief. Specifically, the amendment would enable the Department of Justice to seek an injunction to prevent any ongoing hacking violations in cases where 100 or more victim computers have been hacked,blogged Leslie R. Caldwell, assistant attorney general in the criminal division at the Department of Justice.

“Current law gives federal courts the authority to issue injunctions to stop the ongoing commission of specified fraud crimes or illegal wiretapping, by authorizing actions that prevent a continuing and substantial injury,” she wrote.

“The problem is that current law only permits courts to consider injunctions for limited crimes, including certain frauds and illegal wiretapping,” she added. “Botnets, however, can be used for many different types of illegal activity. They can be used to steal sensitive corporate information, to harvest email account addresses, to hack other computers, or to execute DDoS attacks against web sites or other computers. Yet — depending on the facts of any given case — these crimes may not constitute fraud or illegal wiretapping. In those cases, courts may lack the statutory authority to consider an application by prosecutors for an injunction to disrupt the botnets in the same way that injunctions were successfully used to incapacitate the Coreflood and Gameover Zeus botnets.”

Takedown operations have become useful weapons in the fight against cybercrime. Besides Coreflood and Gameover Zeus, members of the law enforcement and security communities have teamed to disrupt other operations as well. Just recently, researchers at Microsoft, AnubisNetworks and Symantec worked with police to take down the Ramnit botnet.

“The same legal safeguards that currently apply to obtaining civil injunctions, and that applied to the injunctions obtained by the department in the Coreflood and Gameover Zeus cases, would also apply here,” Caldwell added. “Before an injunction is issued, the government must civilly sue the defendant and demonstrate to a court that it is likely to succeed on the merits of its lawsuit and that the public interest favors an injunction; the defendants and enjoined parties have the right to notice and to have a hearing before a permanent injunction is issued; and the defendants and enjoined parties may move to quash or modify any injunctions that the court issues.”

“In sum, this proposal would provide the government with an effective tool to shut down illegal botnets or certain widespread malicious software to better match the ways that criminals are using these technologies,” she wrote.