EU adopts stricter penalties for cyber criminals
Posted on 04 July 2013.
Bookmark and Share
Cyber criminals will face tougher penalties in the EU, under new rules adopted by Parliament on Thursday.

The draft directive, already informally agreed with member states, also aims to facilitate prevention and to boost police and judicial cooperation in this field. In the event of a cyber attack, EU countries will have to respond to urgent requests for help within eight hours.

The draft directive requires EU countries to set their maximum terms of imprisonment at not less than two years for the crimes of illegally accessing or interfering with information systems, illegally interfering with data, illegally intercepting communications or intentionally producing and selling tools used to commit these offences. "Minor" cases are excluded, but it is up to each country to determine what constitutes a "minor" case.

The text sets up a penalty of at least three years' imprisonment for using "botnets", i.e. establishing remote control over a significant number of computers by infecting them with malicious software.

Attacks against "critical infrastructure", such as power plants, transport networks and government networks, can lead to a five-year prison sentence. The same applies if an attack is committed by a criminal organisation or if it causes serious damage.

Member states will be required to respond quickly to urgent requests for help in the event of cyber attacks, so as to render police cooperation more effective. They will have to make better use of the existing 24/7 network of contact points to respond to urgent requests within eight hours.

Legal persons, such as firms, would be liable for offenses committed for their benefit (e.g. for hiring a hacker to get access to a competitor's database). Penalties could include exclusion from entitlement to public benefits or closure of establishments.

The text, adopted by 541 votes to 91, with 9 abstentions, is expected to be formally adopted by the Council very shortly. The new directive builds on rules that have been in force since 2005. Once adopted, member states will have two years to transpose it into national law.

The UK and Ireland have decided to apply this directive but Denmark will not be bound by it.





Spotlight

OpenBSD team forks OpenSSL to create safer SSL/TLS library

Posted on 22 April 2014.  |  Members of the OpenBSD project have begun working on a free version of the SSL/TLS protocol. They are not starting from scratch, but have forked OpenSSL to create a new, more secure option which they have dubbed LibreSSL.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Apr 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //