View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
March 28, 2012updated 22 Aug 2016 12:56pm

EU plans tougher penalties for hackers

Possessing hacking tools could also become a criminal offence, according to new laws

By Steve Evans

Launching a cyber attack on any IT system could become a criminal offence punishable by at least two years in prison, in the EU manages to pass tough new laws.

The EU Civil Liberties Committee has backed a draft law that would update existing EU legislation on cyber attacks.

As well as tougher penalties for hacking, possessing or distributing hacking software and tools would also be an offence. Companies could also be held liable for any cyber attacks carried out for their benefit.

The proposals would unite laws across the European Union for anyone found guilty of a cyber attack against a website, database or network. Similarly, illegally accessing, interfering with and intercepting data will be treated as a criminal offence.

Part of the new laws will mean tougher sentences for these types of crime, with two years in prison being the minimum sentence. At the top end of the scale a five year stretch could be handed down for "aggravating circumstances", such as an attack that uses a botnet or one that causes significant service disruption, financial costs and loss of financial data.

IP spoofing, where an attacker essentially uses someone else’s online identity to launch an attack could soon be punishable by three years in prison, while tougher penalties have also been proposed if the attack is launched by criminal organisation and/or targets critical infrastructure, such as power stations. However the EU has not specified what these new tougher measures would be.

"We are dealing here with serious criminal attacks, some of which are even conducted by criminal organisations. The financial damage caused for companies, private users and the public side amounts to several billions each year" said rapporteur Monika Hohlmeier.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

"No car manufacturer may send a car without a seatbelt into the streets. And if this happens, the company will be held liable for any damage. These rules must also apply in the virtual world" she added.

The EU is hoping for agreement on the new rules by this summer.

Earlier today the European Commission announced plans to launch a Cybercrime Centre, to co-ordinate a European-wide response to the growing threat from online attacks.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.