EU adopts stricter penalties for cyber criminals
Posted on 04 July 2013.
Cyber criminals will face tougher penalties in the EU, under new rules adopted by Parliament on Thursday.

The draft directive, already informally agreed with member states, also aims to facilitate prevention and to boost police and judicial cooperation in this field. In the event of a cyber attack, EU countries will have to respond to urgent requests for help within eight hours.

The draft directive requires EU countries to set their maximum terms of imprisonment at not less than two years for the crimes of illegally accessing or interfering with information systems, illegally interfering with data, illegally intercepting communications or intentionally producing and selling tools used to commit these offences. "Minor" cases are excluded, but it is up to each country to determine what constitutes a "minor" case.

The text sets up a penalty of at least three years' imprisonment for using "botnets", i.e. establishing remote control over a significant number of computers by infecting them with malicious software.

Attacks against "critical infrastructure", such as power plants, transport networks and government networks, can lead to a five-year prison sentence. The same applies if an attack is committed by a criminal organisation or if it causes serious damage.

Member states will be required to respond quickly to urgent requests for help in the event of cyber attacks, so as to render police cooperation more effective. They will have to make better use of the existing 24/7 network of contact points to respond to urgent requests within eight hours.

Legal persons, such as firms, would be liable for offenses committed for their benefit (e.g. for hiring a hacker to get access to a competitor's database). Penalties could include exclusion from entitlement to public benefits or closure of establishments.

The text, adopted by 541 votes to 91, with 9 abstentions, is expected to be formally adopted by the Council very shortly. The new directive builds on rules that have been in force since 2005. Once adopted, member states will have two years to transpose it into national law.

The UK and Ireland have decided to apply this directive but Denmark will not be bound by it.





Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 29th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //