A recent spate of high-profile arrests of malware writers is no cause for comfort, say computer crime experts.
While law enforcement authorities have recently arrested numerous virus writers and hackers, these arrests — and the stiff prison sentences that may follow — are likely to discourage only the most casual malware writers, say experts, and will probably have minimal impact on hardened criminals, particularly those overseas.
“Common sense would say [the arrests] would deter some people,” says Mark Greisiger, president of Net Diligence, a cybersecurity auditing firm in Philadelphia. “Kids…who might want to take on the challenge of breaking into a Web site and defacing it…might be deterred by thinking, ‘My pranks can put me in jail.’ But a lot of these people are youths and might not think twice about it.”
Authorities have arrested some young virus writers, including 19-year-old Jeffrey Lee Parson in 2003. Parson pleaded guilty to creating a variant of the Blaster worm. Earlier this year, he received an 18-month jail sentence. Similarly, authorities last May arrested an 18-year-old German man for creating the Sasser worm, and charged a 16-year-old from Canada for distributing the Randex computer worm.
Link to organized crime
“Any arrest of a malware developer or someone perpetrating an attack is a good thing,” said Paul Kurtz, executive director of the Cyber Security Industry Alliance in Arlington, Va . He added, however, that the threat is migrating. “We’ve gone from script kiddies to hackers to what I’ve seen now: organized crime getting involved in this area,” which will lead to more sophisticated criminal activities, he said.
Virus writers aren’t the only ones getting caught: Last fall, the U.S. Secret Service announced the arrest of 28 people from eight states and six countries who were allegedly involved in a global organized cybercrime ring. Prosecutions from this investigation continue, said U.S. Secret Service Director Ralph Basham. Earlier this year, the Secret Service assisted in arresting a man in Scotland in connection with a worldwide series of distributed denial-of-service attacks.