The Concept of Malware as a Means of Committing Computer Crimes: Classification and Methods of Illegal Use

Abstract

The authors analyze problems connected with malware from the standpoint of the doctrine of the methods of computer crimes/offenses as one of the components of the theory of information-computer support of criminalistic work. Most methods of computer crimes are based on the unauthorized access to computer facilities and systems gained through malware that, in fact, acts as a weapon of crime. The authors present a classification of malware based on different parameters: from the standpoint of criminal law and criminology; the standpoint of information technology; the standpoint of the doctrine of computer crimes/offenses. Various grounds for the classification of malware are examined. A general classification, widely used by the developers of antiviral software, includes virus-programs, worm-programs and trojan-programs. In the modern situation of massive digitization, it is not practical to regard masquerading as a legitimate file as a dominant feature of trojan software. On the contrary, criminals try hard to hide from the user the downloading, installation and activity of malware that cannot self-propagate. The key method of propagating trojan programs is sending mass emails with attachments masquerading as useful content. The classification of malware by the way and method of propagation - viruses, worms and trojan programs - is only currently used due to traditions and does not reflect the essence of the process. A different classification of malware into autonomous, semi-autonomous and non-autonomous programs is based on the possibility of their autonomous functioning. At present there is practically no malware whose functions include only one specific type of actions, most of it contains a combination of various types of actions implemented through module architecture, which offers criminals wide opportunities for manipulating information. The key mechanisms of malwares work are described and illustrated through examples. Special attention is paid to harmful encryption software working through stable cryptographic algorithms - ransomware, when criminals demand ransom for restoring data. There is no criminal liability for such theft. The authors outline the problems connected with the possibility of the appearance of new malware that would affect cloud resources.