Four Years Jail For Bredolab Botnet Author

angry tapir writes "The creator of the Bredolab malware has received a four-year prison sentence in Armenia for using his botnet to launch DDoS attacks that damaged multiple computer systems owned by private individuals and organizations. G. Avanesov was sentenced by the Court of First Instance of Armenia's Arabkir and Kanaker-Zeytun administrative districts for offenses under Part 3 of the Article 253 of the country's Criminal Code — intentionally causing damage to a computer system with severe consequences."

What were the consequences

[buchner.johannes]

for the staff in charge of security? (Since there was damage to multiple computer systems, not just unavailability)

Re:What were the consequences

[gweihir]

Nothing. After all, even if you have glass windows, if somebody throws a stone at them you do not share responsibility. Vandalism (and that is what was effectively done) is always 100% the fault of the vandal.

Now, having inadequate security is something else. But the respective laws are still in their infancy.

Re:What were the consequences

[Alex Belits]

If it was possible to prevent glass windows from being broken by properly maintaining them, having a window broken would indicate professional neglect (what translated into various crimes and civil actions for at least some professions).

There is no excuse for having an insecure system operating in an insecure manner while there are cheaper ways of having a secure system operating in a secure manner. Just because Microsoft taught people to accept glaring flaws and deficiencies as facts of life, doesn't mean that there should be no responsibility for having them.

Spam Flood

[MRe_nl]

"Never in the history of Slashdot have so many spam posts been posted by so few in such a short time".

Winston Smith.

(Perhaps triggered by "botnet author" in the articles title?)

Interesting note from the article

[Zontar_Thing_From_Ve]

I am not claiming to personally be the greatest expert on Slashdot of the ex-USSR. However, I do speak Russian reasonably well and I have traveled in the ex-USSR so I do think it's fair to say that I'm more familiar with the CIS countries and the people that live there than most people. I admit to being a bit puzzled to read that Armenia jailed someone. Armenia is seemingly uninterested in joining NATO and the EU and as far as I know they get along pretty well with Mother Russia. Outside of the Baltic Countries (Estonia, Lithuania, Latvia) who are fully integrated into the EU and NATO, laws are weak and corruption is high. I was wondering "Why would Armenia bother to prosecute this guy and jail him, given that in the past the entire CIS has basically never been interested in such?". There doesn't seem to be any political reason (ie. no sucking up to the EU or NATO) at work here. Surely this guy would have been smart enough to just bribe his way out of trouble. Then I noticed this in the article:

One of the attacks that Avanesov was found guilty of instrumenting took place on Oct. 1, 2010, and targeted a Russian telecommunication company called Macomnet.

Ah. He foolishly attacked Mother Russia. Now I understand why he was convicted.