Came across an excellent article from Sophos "How a regular IT guy helped catch a botnet cybercriminal" about the legal process and investigation that goes on when prosecuting a cyber criminal.
The first paragraph struck me for make it very obvious that evidence of a crime has taken place is required, to such a level that in a court of law it "beyond all reasonable doubt"
"It's not enough for the authorities to discover who is behind a malware attack. To secure a successful conviction, it's also necessary for victims to report that a crime has taken place."
The whole article is a good description of the process law enforcement go through in order to gain a conviction and shows the problems when cyber crime occurs across national borders so easily but police investigations are limited by national jurisdiction. It also show how long the process can take to complete with the initial malware being identified in Nov 2006, the conviction took place in March 2008, this was with the criminal making it easy by using his real name for registering a domain name and for setting a billing contract.
No comments:
Post a Comment