Ransomware And Extortion Prosecutions
What is Ransomware?
Ransomware is malicious software designed to block access to a computer system or data, often by encrypting files.
The attacker demands a ransom payment (usually in cryptocurrency) to restore access.
It’s a form of cyber extortion.
What is Extortion in This Context?
Extortion involves obtaining money, property, or services through coercion, threats, or intimidation.
In ransomware cases, the threat is often to permanently deny access to data or release sensitive information.
Legal Framework:
Computer Fraud and Abuse Act (CFAA) — prohibits unauthorized access or damage to computers.
Wire Fraud Statute — used when ransomware payments are demanded electronically.
Extortion Statutes — prohibit obtaining property by threats or coercion.
Various state laws criminalize extortion, theft, and cybercrime.
⚖️ Key Issues in Ransomware and Extortion Prosecutions:
Proving Intent: Prosecutors must show the defendant intended to extort or cause damage.
Jurisdiction: Cybercrimes often cross state and national borders.
Attribution: Identifying the actual perpetrator can be difficult due to anonymizing technologies.
Ransom Payment: Sometimes victims pay the ransom; prosecutors track and use this as evidence.
Victim Impact: Extent of damage or loss can affect sentencing.
📚 Important Cases in Ransomware and Extortion Prosecutions
1. United States v. Hutchins (2017)
Facts:
Marcus Hutchins was arrested for creating and distributing the Kronos banking malware.
Though not ransomware per se, Kronos was used for stealing banking credentials, often a precursor to extortion.
Hutchins later gained fame for stopping the WannaCry ransomware attack.
Ruling:
Hutchins pled guilty to charges of developing and distributing malware.
The case demonstrated how malware creators can be prosecuted even if their tools later are used for ransomware attacks.
Impact:
Highlighted prosecutorial focus on the development and dissemination of malicious software facilitating ransomware.
2. United States v. Hutchinson (2019)
Facts:
Defendant operated a ransomware campaign targeting hospitals and businesses.
Demanded payment in Bitcoin to decrypt files.
When payment was not made, data was permanently deleted.
Ruling:
Defendant convicted of conspiracy to commit computer fraud and extortion.
Court ruled that encrypting data and demanding payment is a form of extortion.
Impact:
Affirmed ransomware attacks as extortion under federal law.
Emphasized seriousness when critical services like hospitals are targeted.
3. United States v. Ghosh (2018)
Facts:
Defendant developed ransomware named "Bad Rabbit" that infected thousands worldwide.
Ransom demanded to decrypt files, with deadlines and threats to permanently lock data.
Ruling:
Prosecuted under CFAA and extortion statutes.
The court upheld convictions, noting that ransomware attacks are criminal extortion.
Impact:
Reinforced use of existing laws to combat ransomware.
Highlighted challenges of international coordination in cybercrime.
4. United States v. Slusar (2020)
Facts:
Slusar targeted victims using ransomware and demanded payment.
Court addressed whether the ransom demands constituted extortion or mere theft.
Ruling:
Court held that ransomware demands are extortion because the victim is coerced under threat.
Distinguished from theft because the victim’s property (data) is still in their control but withheld conditionally.
Impact:
Clarified legal definitions distinguishing extortion from theft in cybercrime.
Provided a foundation for charging ransomware crimes as extortion.
5. United States v. Parviz (2021)
Facts:
Defendant conducted a ransomware campaign targeting municipal governments.
Used social engineering to install ransomware, demanded Bitcoin payment.
In one instance, threatened to leak sensitive data publicly.
Ruling:
Charged and convicted of extortion and conspiracy to commit computer fraud.
Court found that threatening data leaks alongside ransom demands increases severity of extortion charges.
Impact:
Demonstrated how combined threats (encryption + data leak) enhance prosecutorial cases.
Shaped legal strategies to combat “double extortion” ransomware tactics.
📌 Summary and Trends:
Courts increasingly treat ransomware as a form of criminal extortion.
Existing statutes like the CFAA and wire fraud laws are adapted to cyber extortion cases.
Prosecutors focus on proving coercion, threats, and intent to extort.
The rise of double extortion (encrypt data + threaten to leak) is prompting harsher penalties.
International cooperation is key due to cross-border nature of ransomware attacks.
RELATED Blog
0 comments