Disrupting Botnets: An Overview of Seizure Warrants and Other Legal Tools
May 16, 2024
In January and February 2024, the Department of Justice (DOJ) announced the disruption of two different foreign-state-sponsored botnets. The term botnet is a portmanteau of “robot” and “network.” It generally refers to a network of computers and computerized devices infected with malware (i.e., unwanted, malicious software including viruses and spyware) that may be remotely managed to perform various tasks without the knowledge of the underlying owners. Botnets can potentially be used by criminals for espionage, fraud, theft, ransomware-based extortion, and impairment of websites and internet infrastructure through cyberattacks.
Botnets may be of interest to Congress in light of the dangers they pose, and Congress may have several options at its disposal to remediate them. These options include revising the legal authorities relied on by DOJ to disrupt botnets, creating new criminal laws targeting botnet-related conduct, and setting cybersecurity standards for computerized devices to limit the likelihood that those devices become coopted as part of a botnet. Accordingly, this Legal Sidebar provides an overview of several legal authorities relevant to combatting botnets, focusing primarily on search and seizure warrants under the Federal Rules of Criminal Procedure and also discussing legal authorities governing stored communications, pen-trap devices, and injunctive relief against fraud. It concludes with a discussion of congressional considerations. This Sidebar does not cover the various criminal statutes that may be used to prosecute individuals in connection with botnet-based crime, but an overview of key statutory provisions may be found in CRS Report R47557, Cybercrime and the Law: Primer on the Computer Fraud and Abuse Act and Related Statutes, by Peter G. Berris (2023).
Botnet Disruption Through Search and Seizure Warrants
Many of DOJ’s efforts to remediate botnets have relied on search and seizure warrants. The Supreme Court has said that, with some exceptions, the Fourth Amendment requires law enforcement officers to obtain a warrant when they search or seize property. Rule 41 of the Federal Rules of Criminal Procedure and the Fourth Amendment itself establish a number of requirements for obtaining a search warrant.
Pursuant to the Fourth Amendment, a warrant must be based on probable cause, a standard the Supreme Court has described as “incapable of precise definition or quantification into percentages.” Exact
Congressional Research Service