Comments on the article of the Criminal Code on the use and distribution of malicious computer programs

Article 273 of the Criminal Code of the Russian Federation is a state-established law that provides punishment for the development and expansion of malicious programs.
Destabilization of computer operation causes damage to government, industrial structures, institutions and ordinary users. And although law enforcement agencies are pursuing those who create viruses, there are not fewer of them. It is a pity that people’s talent and abilities are directed into criminal activities. Multi-channel free hotline Legal advice on criminal law. Every day from 9.00 to 21.00

Moscow and region: +7 (495) 662-44-36

St. Petersburg: +7 (812) 449-43-40

Article 273 (creation, use and distribution of malicious computer programs)

The creation, use and distribution of malicious computer programs is often done by a person out of self-interest or simple human curiosity, which is fueled by permissiveness. And you can pay for this with prosecution by law enforcement agencies.

Those who worked on creating the virus for the purpose of its further use are subject to punishment.

As part 1 of Article 273 of the Criminal Code of the Russian Federation states, punishment for the act is provided in the form of:

1. Restrictions on freedom for a period of about 4 years.
2. Mandatory work for the same period.
3. Imprisonment for 4 years with payment of a fine of up to 200 thousand rubles. from the earnings or other income of the convicted person for a period of up to one and a half years.

If collective work was carried out to create malicious codes, then they were distributed, causing major damage, then such a group of people faces punishment in accordance with Part 2 of Article 273 of the Criminal Code of the Russian Federation.

Punishment for violation of part 2 of the article:

• restriction of free movement for 4 years;
• forced labor for a period of 60 months with a ban on holding a certain position for 3 years or the ban does not apply;
• imprisonment for 5 years and payment of a fine from 100 to 200 thousand rubles. from the salary or other income of the perpetrator with a ban on holding certain positions for 3 years or with the lifting of the ban.

When actions under parts 1-2 of Article 273 of the Criminal Code of the Russian Federation lead to serious results or create a threat of their occurrence, the perpetrator faces imprisonment for seven years.

Computer information refers to information, messages, data that are presented in the form of electronic signals regardless of the place of storage, processing, transmission, as stated in the notes of Article 272 of the Criminal Code of the Russian Federation.

A couple of introductory words

So, let's plunge into the dark labyrinth of the cybernetic world, the ranks of whose inhabitants will soon be replenished with another malicious creature. Injecting a virus into an executable file is generally a rather complex and painful process. At a minimum, this requires studying the PE file format and mastering dozens of API functions. But at this rate we won’t be able to write a virus in a season, but we want it right here and now. But are we hackers or not? The NTFS file system (the main Windows file system) contains data streams, also called attributes. Several independent data streams can exist within one file.

Commentary to Art. 273 of the Criminal Code of the Russian Federation

In the commented article, the object of the offense is computer software or computer information with which illegal actions are carried out:

1. Destruction.
2. Blocking.
3. Modification.
4. Duplication of computer information.
5. Neutralization of computer protective equipment.

These actions are explained in Article 272 of the Criminal Code of the Russian Federation and the punishment is indicated.

Known types of programs that are virulent:

• computer virus;
• "worm";
• scanner program;
• emulation of electronic security means;
• software management of the computer flow of information;
• patch programs.

Computer information is protected by hardware, software, cryptosystems and means that control the effective protection of this information.

An example would be:

• antivirus;
• a program that eliminates illegal duplication of information;
• protection built into the operating system.

Neutralization of protective agents should be understood as the elimination of these agents or reduction of their impact.

The level of danger of the consequence is set individually for each situation. Any consequence that the court will consider taking into account the individual characteristics of the case can be considered grave.

Article 273 of the Criminal Code of the Russian Federation contains the elements of an offense, which is characterized by the following features:

1. The subject of a criminal act, according to Part 1, is a person who is sane and has reached the age of sixteen. In the second part, this is already a subject using his professional position.
2. The objective side of the offense includes alternative acts, which consist of creating viruses that are already pre-designed to illegally eliminate, interfere with, change, duplicate computer information or eliminate its protective measures. Software creation is work aimed at developing and preparing viruses that can cause a variety of harm to computer information. Their distribution implies possible access for outsiders to information that is considered inaccessible to the general public. Software exploitation is the activation of a malicious program by any person. An explanation for this is given as destruction, blocking, duplication of information. The destruction of information includes its partial or complete unsuitability for use and the possibility of recovery does not matter. If a file is renamed, moved, or automatically deleted, this is not considered destruction. Blocking is an action taken that has limited or blocked access to a computer and resources. If user access to the computer was deliberately impeded, then this action is not associated with destruction. Modification of information is when changes are made to information or computer parameters. The legislation establishes legal software modification by people who have access to it. Making copies of information and creating a duplicate of existing information on another medium without changing its original form. It can be done in writing, by making a photocopy, or by reading the information by interception. In this case, the offense under Part 1 of Article 273 of the Criminal Code of the Russian Federation is considered a formality. The person will not be held accountable and there will be no consequences for him.
3. The subjective side characterizes wines with direct intent. The perpetrators must be aware that the malicious program they create or use will sooner or later lead to certain dangerous consequences. Motivation and focus will not affect the classification of the offense.

Part 3 of this article predetermines the qualifying feature of the crime being analyzed - this is the occurrence of a grave consequence or the formation of a threat of its occurrence.
It must be taken into account that when these dangerous results occur, the qualification of the offense is material, in other words, the action ended at the beginning of the socially dangerous consequences.

If there is a threat of their attack, its composition becomes truncated.

The danger of the consequences is determined by the complexity of the picture:

• causing great material damage;
• disruptions in the functioning of production facilities and institutions;
• causing emergency, catastrophic situations;
• inflicting dangerous, moderately severe damage to health actions that led to the death of a lot of people;
• deletion, blocking, modification, duplication of information of particular value;
• the reality of the danger created.

The subjective side of this qualified offense is characterized by two types of guilt - intent related to the action itself, and careless attitude towards the occurrence of consequences.

When the offender acted with intent in relation to dangerous consequences or created the threat of their occurrence, then a qualitative and quantitative assessment of the dangerous consequences that occurred is taken into account.

Then its action is subject to additional qualification according to the complexity of the offenses, which are provided for by the relevant articles in the Criminal Code.

Article 273 of the Criminal Code of the Russian Federation establishes the answer for unlawful actions with a computer program that is recorded on various media and paper. After all, the creation of computer programs often begins with the writing of texts, which are subsequently stored in a computer. Therefore, the available source texts of a malicious computer program can already become the basis for being held accountable under Art. 273 of the Criminal Code of the Russian Federation.

But if a malicious computer product was used for personal needs, or personal computer information was destroyed, then this action is not subject to punishment.

When exposure to a virus program is a condition for committing another crime, this action is qualified as a set of atrocities independent of the level of danger of the next offense.

Semi-legal business

In addition to student virus writers and outright criminal business on the Internet, there is also activity on the edge of the law - “semi-legal” business. Electronic advertising systems, utilities that periodically invite the user to visit certain paid web resources, and other types of unwanted software - all of them also require technical support from hacker programmers. This support is required to implement mechanisms for secretly infiltrating the system, periodically updating its components, various disguises (to protect itself from being removed from the system), countering anti-virus programs - the listed tasks practically coincide with the functionality of various types of Trojan programs.

Forced advertising (Adware)

Special advertising components are being introduced into the system, which periodically download advertising information from special servers and show it to the user. In most cases (but not always), introduction into the system occurs unnoticed by the user, and advertising windows pop up only when the Internet browser is running (this is how advertising systems disguise themselves as advertising banners for websites).

After several US states passed anti-advertising laws, Adware developers were effectively excluded from the law (and almost all of them are American companies). As a result, some of them have legalized their developments as much as possible: now Adware comes with an installer, an icon is visible on the system bar, and there is an uninstaller. But it is difficult to imagine a person who, in his right mind and sober memory, would voluntarily install an advertising system on his computer, and therefore legal Adware began to be imposed along with some free software. In this case, the installation of Adware occurs against the background of the installation of this software: most users click “OK”, not paying attention to the texts on the screen, and along with the installed programs they also receive adware. And since often half of the desktop and system tray are occupied by a wide variety of icons, the advertising program icon gets lost among them. As a result, de jure legal Adware is installed secretly from the user and is not visible on the system.

It is also worth noting that in some cases it is impossible to remove legal advertising systems without disrupting the operation of the main software. In a similar way, Adware manufacturers protect themselves from uninstallation.

Pornography business, paid web resources

To attract users to paid websites, various programs are also often used, which de jure do not fall into the category of malicious programs, since they do not hide their presence in any way, and the user gets to the paid resource only by answering the corresponding question positively. However, such programs are often installed on the system without the user's knowledge, for example, when visiting websites with dubious content. Then they persistently invite the user to visit one or another paid resource.

False Anti-Spyware or Anti-Virus utilities

This is a fairly new type of business. The user is given a small program that informs them that spyware or a virus has been detected on the computer. It is reported in any case, regardless of the real situation - even if nothing else is installed on the computer except Windows OS. At the same time, the user is offered to purchase a “medicine” for a small amount, which, in fact, cures almost nothing.

source

If you find an error, please select a piece of text and press Ctrl+Enter.

BraveRobot found more articles on this topic:

• The dirtiest things we use every day
• Network users massively reset passwords on devices
• How ESET's intelligent security technologies work
• Domen malware tricks Windows computers into hacking
• The success of telephone scammers: psychology plus personal information about bank clients
• “All the Secrets of the Internet”: a handbook for a network user
• A modern solution and a smart approach - software development as part of standard marketing!
• How to call abroad from a landline and mobile phone: instructions
• Famous Inventions: The History of the Internet
• What computer viruses are there and how to choose and how to buy antiviruses against them

Judicial practice under Article 273 of the Criminal Code of the Russian Federation

Considering the judicial practice under this article, we note first of all its incompleteness and heterogeneity. At the moment, the Supreme Court has not adopted any laws or decisions on the application of articles on computer offenses.

The verdicts of different courts based on the same legal materials often differ in the qualification of the actions of the attacker and in the assignment of the amount of punishment.

Some situations that have happened in life:

1. The Yuzhno-Sakhalinsk city court was the first in Russia to bring charges under articles of computer offenses. A young man, K., a student at the city Institute of Economic Rights and Informatics, wrote a program that selected passwords for users’ email addresses and duplicated information from other people’s email accounts. The court issued a verdict in the form of conditional restriction of freedom for 24 months and payment of a fine of 200 minimum wages.
2. The investigative department of the Central Internal Affairs Directorate in Sverdlovsk opened a case that had signs of a crime, defined under Article 273 of the Criminal Code of the Russian Federation, Part 1, as the distribution of virus programs for PCs. The created electronic bulletin board was discovered by the investigation; it contained a set of viruses and “cracks” for computers. Along with the evidence base for the expansion of virus programs, the indictment contained log files that contained information about users who visited the bulletin board and had access to virus kits.
3. The district court in Nizhny Tagil considered the criminal material of the accused P. under several articles 159, 183, 272, 273 of the Criminal Code of the Russian Federation. From September to December 1998, P. used his professional position. He made changes in the statements according to which wages were calculated in production so that one ruble was withdrawn from employees who received an accrual of more than 100 rubles. Receipts went to a specific account, where P was then withdrawn. Program modifications fell under the qualifications of Article 273, data on citizens’ accounts entered into the PC database of proceedings under Art. 183, modifications of information under Art. 272, financial transfers under Art. 159 of the Criminal Code of the Russian Federation. P. was sentenced to 5 years of suspended freedom; he was banned from working as a programmer operator for 24 months.
4. The Shadrinsky City Court sentenced S. to pay a fine of 3 thousand rubles. under articles 272, 165 of the Criminal Code of the Russian Federation (causing property damage by deception or abuse of trust). C. It is a complete offense to obtain access to the Internet for free. He used other people's names and passwords, which he obtained by sending a Trojan program to the "victim's" computer. The court qualified the offense under Art. 272, illegal intrusion into someone else’s computer, aimed at stealing code, and the use of Internet access services under Art. 165 of the Criminal Code of the Russian Federation. This situation is different in that S., while giving testimony, pointed to the fact that he sent the “Trojan” to the computer from a special page located on the server, the address of which he forgot. But it is rather conjectural that this is how S. avoided a conviction on another article relating to the distribution of virus programs.

As a result, we can state that these articles of the Criminal Code “function”; computer scammers and hooligans are regularly attracted to them.
Judging by the information from law enforcement agencies, many offenses are recorded under articles 272, 273. However, there are cases when these articles are used for other purposes.

Examples include the following situations:

• November 1998 UROPD Moscow City Internal Affairs Directorate initiated a legal case, there was a fact of illegal access to legally protected computer information located in the cash registers of a businessman from Pavlov Posad, under Art. 272 of the Criminal Code of the Russian Federation. As a result of investigative actions, changes were revealed in cash registers; artificially low revenue was recorded in them. As a result, cash registers were classified as one of the types of electronic computers. There are often situations when articles on offenses involving a PC are charged in cases that, at first glance, do not relate to computers. These cases involve fraudulent activities using mobile phones;
• The preliminary investigation authorities in Stavropol charged the perpetrator with Art. 272 of the Criminal Code of the Russian Federation. The defendant used a mobile phone that had a modified scanner that could be used to make calls at someone else's expense.

And such situations are not isolated, once an investigator from Voronezh in 1998 also charged the perpetrator with Article 272 of the Criminal Code of the Russian Federation for the production of such “mobile phones” at the preliminary investigation stage.

Actions if accused of hacking

First of all, if you really haven't done anything, you need to provide a computer and other electronic media to review the files. Police experts will search among them for those that have been appropriated, or for drafts of the virus program.

Most often, charges will follow after using a public computer if it was previously used by a hacker. Then friends with whom you visited the Internet cafe or a log of visitors to it can help you. It would be good if it indicated the time of the visit. If it does not coincide with the moment of the hacker attack, then guilt will be proven.

In any case, before the moment a person got into an Internet cafe, he had overcome a certain level, perhaps he talked to someone on the phone from home, etc. With such an accusation, you must carefully remember the past day and indicate your alibi.

Accusations may follow when using third-party software that allows, for example, connecting to the Internet remotely by stealing traffic.

After such actions, administrative liability may be incurred if the source of obtaining this software was indicated.