Other issues in this category (14)
"I felt like I'd found a trick no one knows
and was just playing a video game".
That's what an 18-year-old Japanese youth said after he was accused of hacking the Monappy platform and stealing the equivalent of 15 million yen in monacoins (USD 130,000).
We’ve already talked about the topic of what should happen to underage people who commit cybercrimes. Not long ago, Japan lowered the legal age of adulthood to 18. However, drinking alcohol, smoking and gambling are still permitted only once a person reaches the age of 20, and from legal standpoint that young Japanese man is already an adult.
In an earlier publication, we wrote about a student who hacked into an electronic class register and changed his grades as well as those of his classmates. The young hacker didn't suffer any adverse consequences because the victims (those whose grades were changed) didn't want to file a lawsuit against him.
Here's another example.
Speaking in a court in the Hague earlier this month, a 20-year-old man showed remorse, admitting to the crimes he committed as a minor and apologizing for his actions. The hacker was sentenced to 120 hours of community service and 377 days of juvenile detention. He didn't get any prison time since part of his sentence was considered already served.
But this is not just some jokester:
…the hacker managed a DDoS botnet that he built using the Mirai IoT malware. Estimates on the size of the botnet ranged from 2,697 bots (per court documents) to 10,000 bots (per social media reports).
According to a Haagsche Courant journalist present at the February 21 court hearing, some of the websites that suffered from the attacks included the BBC, Yahoo News, e-commerce giant Zalando, and several Bitcoin exchanges and gambling sites.
Authorities say that in some cases, S. also contacted companies asking for Bitcoin ransoms to stop the attacks.
And he only repented after he had found himself behind bars.
S. initiated his attacks in October 2016 and ended his “career” in October 2017, when investigators arrested him.
Prior to that, he obviously had no intention of stopping his activities.
And what does this lenient sentence give us?
The actual authors of the Mirai malware had been arrested before, but since the source code was made available to the general public in 2016, other criminals are free to use it to set up botnets of their own. These include Satory and Okiru.
Researchers have discovered a new strain that makes use of 11 new exploits.
Specifically, the botnet operators came up with a new set of "unusual default credentials" to use in brute-force attacks against Internet-connected devices.
Imprisonment is a stigma for life. Removing it and starting all over again can be very difficult. Despite their young age, criminals can inflict multi-million-dollar damages to businesses and provoke security incidents with unpredictable consequences.
So what should be the proper punishment in such situations?