Page 45 - Cyber Warnings
P. 45
Sentencing hearings in the same court are sometimes scheduled in 30 minute blocks. These
are often for large, complex, federal crimes cases. They rarely take more than a day, even with
without plea deals which would take much of the guesswork out of the sentencing.
Because Bendelladj's strategy for a reduced sentence hinged on the actual number of unique
stolen "access devices" (a physical thing or data, like a credit card, that can be used to access
an account), and the differences in each side's totals were hotly contested, the sentencing
hearing became a sort of trial all its own.
The sentencing hearing alone lasted five full days over March and April 2016. Witnesses were
called on both sides. Extensive testimony was given. There several lengthy rounds of direct
examination, cross-examination, and redirect.
Dozens of exhibits ranging from brief affidavits to detailed forensics reports were entered into
the record, often with objections that had to be argued. What made it seem odd to anyone
familiar to court proceedings was that issues normally thought of being trial issues were being
argued under the very different evidentiary and other rules of a sentencing hearing.
Key Evidentiary Factors in Sentencing
The sentencing guidelines used in US courts for economic crimes apply to these types of
cybercrime cases. In this case, the guidelines suggest sentences based on two main types of
harm caused:
1. Harm caused to victims of SpyEye infections, including damage to computer systems
and remediation costs
2. Harm caused to financial institutions and their customers through the theft, use, and
resale of account "access devices" such as credit card "fullz" containing personal and
financial information obtained through the use of SpyEye and related hacking activity
Both are still the result of gaining unauthorized access to a computer system, federal felony
violations.
Harm Caused by Infection
In the first instance, the following were debated:
The total number of infections vs. the number of "encounters" in a given timeframe
The effectiveness of anti-virus software in both detection/prevention and removal roles
The impact of the availability of free or bundled anti-virus software on average
remediation costs
45 Cyber Warnings E-Magazine – May 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
