The article was written by Dr. iur. Dr. rer. pol. Fabian Teichmann in collaboration with Léonard Gerber. The text discusses the monetization of cybercrime in the context of the digital economy 4.0, focusing on the development of business models offered by cybercriminals on the darknet. These models include illicit services such as phishing kits, ransomware, spyware, worms, Trojans, and hacking services that are available to individuals as well as businesses and public agencies. The cybercriminals use anonymity and cryptocurrencies such as Bitcoin for their transactions. In addition to traditional targeted cyberattacks, the paper also discusses distributed denial-of-service (DDoS) attacks that overload servers, criminal prosecution of cyberattacks, and business resilience in Switzerland.
Companies that fall victim to a cyberattack are often reluctant to report it or file criminal charges. Reasons for this include reputation protection, the attractiveness of their services, and a lack of advantages in cooperating with law enforcement agencies. Nevertheless, cyberattacks can be reported to the National Cyber Security Center (NCSC), whose specialized department MELANI (Melde- und Analysestelle Informationssicherung) analyzes malicious software used in the attacks. The Swiss Cybercrime Coordination Service (SCOCI) also receives requests to block websites with suspicious content, which can lead to criminal investigations in Switzerland and abroad. However, it is worth noting that certain sectors are required to report cyberattacks, such as financial firms that are subject to FINMA supervision.
Criminal law provisions in Switzerland cover the phenomenon of cybercrime from the perspective of the following criminal offenses. Extortion under Art. 156 Swiss Criminal Code first requires a means of coercion, namely the use of force, the threat of serious harm, or any other act that impairs the victim's freedom of action. Second, the injured party must have performed an act that harms his or her financial interests or those of a third party. In addition, there must be a causal link between the threat and the victim's action, as well as intent and an illegitimate enrichment goal.
DDoS attacks aim to overload a computer server in such a way that online services become unusable for legitimate users. Perpetrators sometimes use such cyberattacks as leverage against their victims. They may also demand a ransom, often in Bitcoin, from their victims to stop the attack, get the attacked servers back up and running, and continue the offered services. In this case, the victim must give in to the cyberattacker's threats. If no ransom is demanded and the victim does not take any harmful action against his or her financial interests, the perpetrator may still be guilty of coercion under Article 181 of the Criminal Code, especially in the case of threats of serious harm.
About the author: Fabian Teichmann is a lawyer in Switzerland, a notary in St. Gallen, a European lawyer in Liechtenstein, and a management consultant at the international level. He also holds numerous teaching positions at various universities.
For more on this topic, see Teichmann, F. & Gerber, L. (2021). La qualification pénale des attaques DDoS en droit suisse. Jusletter. https://doi.org/10.38023/d6456c6e-9284-4a52-be65-eb2b7e9c3b78.