Arresting developments

It’s two years today since Hungarian Laszlo K, the author of the Magold worm, was found guilty of unauthorized use of computer systems (tens of thousands of systems, in fact) and sentenced to two years probation and a fine of $2,400.

A lot has happened since then.

1. The motivation behind the development of malicious code has changed. Malware is now routinely developed and used to make money. At the time Laszlo K was sentenced, this trend towards crimeware was just beginning.

2. We’ve seen a corresponding shift in tactics. There has been a relative decline in the use of mass-mailing as a means of distributing malicious code. The global epidemic has been replaced by tactical ‘hit and run’ attacks in which malware is spammed out to a controlled target population. So email worms like Magold make up a smaller percentage of malicious code overall.

The stakes have risen. Those who develop malicious code stand to benefit financially from their work. However, the risks have increased too. Law enforcement agencies across the world have become more expert in tracking cyber criminals. And there’s a significant degree of co-operation between national police authorities. As a result, the number of arrests and convictions has risen considerably during the last two years. This week brought a further example. Three suspected members of the ‘M00P’ online gang were arrested in the UK and Finland, accused of distributing backdoor Trojans (including the Breplibot Trojan) via spam and using them to attack businesses.

Given the potential profits to be made, the evolution of malicious code is unlikely to slow down any time soon. But we’re also likely to see more arrests and convictions.