1. The creation, distribution or use of computer programs or other computer information, knowingly intended for unauthorized destruction, blocking, modification, copying of computer information or neutralization of computer information protection means, is punishable by restriction of freedom for a term of up to four years, or by forced labor for a term of up to four years, or imprisonment for the same period with a fine in the amount of up to two hundred thousand rubles or in the amount of the wages or other income of the convicted person for a period of up to eighteen months.
2. Acts provided for in part one of this article, committed by a group of persons by prior conspiracy or by an organized group or by a person using their official position, as well as those that caused large damage or committed out of selfish interest, are punishable by restriction of freedom for a term of up to four years, or forced labor for a term of up to five years with deprivation of the right to hold certain positions or engage in certain activities for a term of up to three years or without it, or imprisonment for a term of up to five years with a fine in the amount of one hundred thousand to two hundred thousand rubles or in the amount of wages or other income of the convicted person for a period of two to three years or without it and with or without deprivation of the right to occupy certain positions or engage in certain activities for a period of up to three years.
3. Acts provided for in parts one or two of this article, if they entailed grave consequences or created a threat of their occurrence, are punishable by imprisonment for up to seven years.
Article 273 of the Criminal Code of the Russian Federation: Recognition of a computer program as malicious
This publication has been prepared taking into account the latest scientific trends in the legal interpretation of Russian legislation and is based on the personal practice of the author, lawyer Pavel Domkin. The publication is not legal guidance for making independent procedural decisions. If legal questions arise regarding the topic raised, it is recommended that you obtain appropriate legal advice from a legal practitioner.
The established judicial practice has formed a certain view among law enforcement officials on what unlawful actions are criminally punishable under Article 273 of the Criminal Code of the Russian Federation. The issue of recognizing programs as malicious is entirely left up to the expert community by the investigation and the court; the vast majority of criminal cases are considered in conditions where the accused persons admit the charges brought against them without any challenge by the defense. “Silence” on the part of the Supreme Court of the Russian Federation, which has not given a single explanation to the courts about the practice of applying the rules on liability for committing crimes in the field of computer information, only contributes to maintaining a one-sided approach to resolving the issue of the presence of corpus delicti in the actions of a suspect. At the same time, the author notes the emergence of legal views among practicing specialists, as well as in the scientific community, that can change the existing judicial practice and ensure the proper application of criminal law.
In general, the design of Article 273 of the Criminal Code of the Russian Federation is quite simple. For law enforcement agencies, it is not procedurally difficult to prove the circumstances of the creation or use of a program, as well as the consequences of their work in the form of a violation of the original integrity of computer information. The conventional “crown” of criminal cases is the conclusions of specialists (experts) regarding the classification of the studied program as malicious. Due to the fact that the issue of recognizing programs as malicious is at the intersection of technical and legal aspects, it causes the most discussion in the procedural dispute between the defense and the prosecution.
The disposition of Article 273 of the Criminal Code of the Russian Federation provides for the possibility of criminal liability for the creation, distribution or use of computer programs or other computer information, knowingly intended for unauthorized destruction, blocking, modification, copying of computer information or neutralization of security measures. Civil law, in turn, determines that a computer program is an objective form of representing a set of data and commands intended for the operation of a computer device in order to obtain a certain result (Article 1261 of the Civil Code of the Russian Federation).
From the literal interpretation of the above concepts, it follows that the legal characteristics of a malicious computer program in the understanding of criminal law are:
- The deliberate purpose of the program to obtain an unlawful result. Of course, a software error made by the developer in the source code of the program, leading to a violation of the original integrity of other computer information of the user, cannot be a legal basis for recognizing the program as malicious.
- The unauthorized nature of the program’s operation, which is expressed in the lack of informing the user about the launch of the program, and its execution without the appropriate consent (command) of the user.
Only the simultaneous presence of the specified technical characteristics of the software is the basis for considering the issue of classifying the program as malicious.
About the program is a legal sign of the objective side of the crime under Article 273 of the Criminal Code of the Russian Federation, subject to mandatory procedural proof. Identification of these signs of program malware belongs to the field of special knowledge, since it involves conducting a study of the program code by an appropriate specialist based on his special knowledge and practical experience.
At the same time, the expert’s powers are limited by law only to the issue of identifying signs of malicious software. The legal interpretation of these signs and recognition of the program as malicious falls within the exclusive competence of the investigative authorities and the court. A different interpretation of the law would lead to the fact that the functions of administering justice would be assigned to the expert.
For example, having examined a program for checking the resistance of an Internet resource (database) to external influences, which creates an increased network load, or a program for monitoring the activity of a computer user, the expert will, with a high degree of probability, due to identifying signs of a lack of notifications about the operation of the program and a request for its execution, make a judgment about the “harmfulness” of the studied program code. At the same time, the consent of an employee who has access to important data of the copyright holder to monitor his activity indicates the authorized nature of the work of an outwardly secretive (inconspicuous) program, which by default copies user data, blocks access to sensitive parts of information, and can destroy data entered into bypassing established prohibitions, etc. The legal logic of the above example also applies to the case of testing an Internet resource for DDOS attacks by using “malicious” software, permitted by the copyright holder.
Establishing the existence of a criterion for the unauthorized operation of software in the above cases is possible only through investigative means, namely through interrogation, procedural research, evaluation of documents and other investigative actions.
The above examples clearly demonstrate that the harmfulness of a program should be established only through investigative methods, based on the conclusions of an expert study about the program algorithm and the conditions for its execution.
At the moment, statistics on crime detection under Article 273 of the Criminal Code of the Russian Federation consist of cases where experts recognize so-called “patches”, “keygens”, and “activators” used to “hack” licensed software as malware. As a rule, this criminal article is charged in conjunction with Article 146 of the Criminal Code of the Russian Federation in criminal cases of illegal installation of software.
The basis for recognizing a program as malicious is again the conclusion of a specialist (expert). In support of their conclusions, experts point out that the purpose of the program under study is to neutralize means of protecting computer information (licensed program), therefore, due to the disposition of Article 273 of the Criminal Code of the Russian Federation, it is harmful. This approach is fundamentally wrong.
As noted earlier, the expert is not authorized to make judgments about the harmfulness of the software under study. The specialist’s competence is limited to studying the program algorithm and identifying signs of its harmfulness, namely:
- The deliberate purpose of the program to achieve an unlawful result.
- Lack of user consent to execute the program, lack of informing the user about the operation of the program.
If the presence of the first sign of maliciousness of the “activator/patch/keygen” is more or less obvious, since these programs are initially created to “hack” software, then the sign of “unauthorization” in the vast majority of cases is actually absent.
As a rule, an algorithm or other hacking program is always accompanied by a message indicating which program will be modified. It is not uncommon for the user to choose the target of influence (the program to be hacked), move the hacker to the directory with the program to be hacked, replace files manually, etc. In addition, the execution of a hacking program is always associated with the direct will of the user, who must launch it, install it, issue a command for execution, in other words, authorize its operation to obtain the final result in the form of generating an activation key or changing the functionality of the hacked program. Here the logical conclusion follows that the impact on computer information (licensed software) by a hacker program is carried out only with the consent of the user or by his direct expression of will, which excludes the possibility of classifying the hacker program as malicious software in the sense of the current version of the criminal law.
Cases of the use of such hackers should be considered in terms of violation of copyright (license) rights to software under Article 146 of the Criminal Code of the Russian Federation. The use of a cracking program must be assessed as an instrument for committing an offense. The additional qualification of offenses involving the use of “activators/patches/keygens” under Article 273 of the Criminal Code of the Russian Federation in such cases does not correspond to the basics of criminal law.
Lawyer Pavel Domkin
Computer Crime Lawyer
A short excursion into the world of IT
Virus programs for computers are considered to be applications that can disable equipment, copy, destroy, or transfer confidential user data to others. They are divided into several types:
- viruses . These are programs that get onto user devices and carry out unauthorized actions;
- worms These are programs with malicious code that can be automatically distributed on infected devices. Each new copy receives the same properties as the previous ones;
- Trojans _ This is one of the most dangerous types of malware. Trojans are created for a specific task, for example, copying data or blocking part of the system commands. However, they do not know how to copy themselves;
- malicious utilities. These include, for example, miners. They get onto the users’ computer and mine cryptocurrency for their owners;
- adware, pornware and riskware . These include viruses that cause advertisements or programs to remotely control a PC to appear on computers. They can be used for both benefit and harm;
- “warez software”. This refers to patches, cracks, keygens and other software for deactivating security measures.
Criminal legal characteristics
An object
User safety when operating computer equipment, programs and applications.
Objective side
Work aimed at destabilizing the technical capabilities of trusted programs.
Activities that contribute to an increase in the number of malicious computer programs (development and distribution in paper or electronic form of codes that destabilize the operation of computers)
Subject
A person who has reached 16 years of age and is recognized as capable and sane.
Subjective side
Direct intent of the accused party (when working on malicious code, its creator was aware of the possibility of the program causing harm to a user's computer).
What punishment and responsibility are provided?
For working on malicious programs for the purpose of their further exploitation, their use in business, penalties are provided in accordance with Part 1 of Article 273 of the Criminal Code of the Russian Federation :
- Restriction of freedom (up to 4 years);
- Forced activity (up to 4 years);
- Imprisonment (up to 4 years) with a simultaneous monetary penalty of up to 200 thousand rubles. or salary for a period of up to one and a half years.
For collective work on malicious codes, their use, when causing major damage, the penalties provided for are Part 2 of Article 273 of the Criminal Code of the Russian Federation:
- Restriction of freedom (up to 4 years);
- Forced activity (up to 5 years) with a simultaneous ban on certain activities (up to 3 years) or without a ban;
- Imprisonment (up to 5 years) with a simultaneous monetary penalty of up to 200 thousand rubles. or salary for a period of 2 or 3 years / without penalties, with a simultaneous ban on certain activities (up to 3 years) or without a ban;
- The onset of grave consequences threatens the perpetrator with imprisonment for up to 7 years .
Examples from judicial practice
Case 1
For distributing the Windows 8 hacking program, a 29-year-old resident of the Kemerovo region was sentenced to 9 months of correctional labor and partial restriction of freedom of movement for the same period. The restriction of freedom is expressed in the prohibition to leave the region between 22:00 and 6:00 .
The accused’s selfish intent is the desire to earn bonus benefits from the provider.
Case 2
43 St. Petersburg residents were sentenced to 2 years of probation and a fine of 20,000 rubles for distributing malware that could deactivate anti-virus applications. The offense: the program was transferred by the offender to a police officer.
The use of a program containing malicious code led to undesirable consequences in the system of a law enforcement agency.
For trying to facilitate access to secret information using computer programs, you can pay not only with money, but also with freedom .