Introduction
The most malicious software causes damage that goes beyond simply infringing on the victims’ privacy. It usually seeks to disrupt, steal, and even carry out illegal actions on networks, data, and hosts. A common class of malware is the Trojan horse. This class of malware usually tricks the user into thinking that it is genuine software. Once the user interacts with it, such as by installing or opening it, it is activated and spreads into its targeted areas of the host. Trojans cause many kinds of damage, including creating a backdoor through which their authors gain access to one’s system. However, one of the main kinds of damage they cause is financial, and financial gain is usually a prime motivation for the authors of the various malware. One of the most notorious Trojan horses in history is CryptoLocker, which first appeared in September 2013. It was created by a thirty-year-old Russian man named Evgeniy Mikhailovich Bogachev. This paper discusses CryptoLocker in detail, stating the kind of damage it caused, its implications for criminal justice, and the response by the criminal justice system.
Overview
CryptoLocker is a type of malware known as ransomware, which holds information on the victim’s computer for ransom (Lemos 3). The data encryption occurs with neither the knowledge nor the consent of the victim. Once the data was encrypted, the malware would display a pop-up prompting the user either to pay for a decryption key or to risk losing the data. It would also offer one free decryption of a single file. This free offer was made to earn the victim’s trust and to assure them that their data would be released on payment.
Caused Substantial Financial Damage
CryptoLocker would require the victims to pay up to $700 for the decryption keys required to unlock their data (Olson 1). By April 2013, CryptoLocker had established itself on more than 235,000 computers worldwide, with about 50% of those being in the United States. Olson states that the affected users made ransom payments of more than $30 million within the first three months of CryptoLocker’s existence (1).
Motivation
The main motivation behind the creation of most malware is usually financial gain. However, the creation of CryptoLocker was based on more than just that; it was based on the success of its author’s previous malware, GameOver Zeus (Lemos 3). That malware was first discovered in September 2011 and used a network infrastructure of compromised personal computers and web servers to execute command-and-control. It could be propagated through phishing and spam messages. CryptoLocker was also spread through similar spam messages, and users would run it on their systems. Additionally, CryptoLocker used decentralized servers similar to the ones used by GameOver Zeus, as these were difficult for security experts to track and block. According to Lemos, CryptoLocker also used a peer-to-peer network, similar to GameOver Zeus, to distribute configuration files (3).
Penalties the Creators Received
Evgeniy Bogachev’s creation of the malware led a Pittsburgh grand jury to unseal a 14-count indictment against him ("Cryptolocker" 10). He was charged with computer hacking, conspiracy to engage in bank fraud, money laundering, bank fraud, and wire fraud in connection with his supposed role as the administrator of CryptoLocker.
Major Implications for the Criminal Justice System
The amount of damage caused by CryptoLocker resulted in countries either enacting or updating their laws against spreading viruses and cybercrime. In January 2014, 15 African states came together to sign a convention on cyber security to prevent cybercrime through the protection of personal data, combating the spread of computer viruses, and the promotion of cyber security (“Cryptolocker” 10). Further, in July 2014, the United States Senate held a hearing on the takedown of botnets, stating that both public and private efforts would be required to dismantle the cybercriminal networks. Moreover, Interpol signed an agreement of cooperation with Kaspersky in September of the same year. In the agreement, Kaspersky agreed to provide Interpol with its products and intelligence.
The Criminal Justice Response to the Trojan
The FBI raised its bounty of $3 million by $1.2 million to $4.2 million in an attempt to capture Evgeniy Mikhailovich Bogachev (Olson 1). Furthermore, the United States, in conjunction with foreign law enforcement, seized the computer servers that CryptoLocker was using as its main servers. As a result, the global botnet’s operation was disrupted. The U.S. Department of Homeland Security's Computer Emergency Readiness Team (US-CERT) also published instructions online on how to remove the CryptoLocker malware. The Court also authorized the FBI to obtain the IP addresses of the infected computers and to share the information with security agencies and the relevant authorities in other countries in an attempt to assist them in recovering their data. The FBI was not allowed to view either the contents of the infected victims’ computers or their electronic communications.
Conclusion
Various kinds of malware affect computers, and subsequently their users, in different ways. However, they consistently have malicious intent, and the Trojan horse is definitely one of the worst kinds of malware; it presents itself as a genuine computer program. While it is often difficult to tell which program is malware, it is possible to keep safe. Having genuine antivirus software installed and the firewall running is the best way to keep one’s computer system out of the reach of malicious software.
Works Cited
"Cryptolocker." SC Magazine: For IT Security Professionals (UK Edition) (2015): 10. Business Source Complete. Web. 14 May 2016.
Lemos, Robert. "Cryptolocker Ransomware Variant Includes More Pernicious Features." Eweek (2014): 3. Business Source Complete. Web. 14 May 2016.
Olson, Parmy. "Cryptolocker Thieves Likely Making 'Millions' As Bitcoin Breaks $1,000." Forbes.Com (2013): 1. Business Source Complete. Web. 14 May 2016.