EU Votes For Tougher Cyber Crime Penalties

The European Parliament has adopted new rules that will instruct member states to set a maximum penalty of no less than two years, for cyber crime offences.

The new draft directive will ask member states to impose tougher sanctions for various cyber crimes, such as  illegally accessing or interfering with information systems, intercepting communications and selling hacking tools used to commit such offences.

Cracking down on cyber crime

It sets a minimum sentence of three years for using botnets, where the user is controlling a “significant number of computers”. Attacks on critical infrastructure could lead to a five-year minimum sentence.

Member states will also commit to respond to urgent requests within eight hours, where a nation reports serious cyber crimes that need cross-border collaboration from law enforcement.

The draft directive, proposed in March last year, was adopted by 541 votes to 91 and should be formally adopted by the EU Council “very shortly”, according to the Parliament.

“This is an important step to boost Europe’s defences against cyber-attacks. Attacks against information systems pose a growing challenge to businesses, governments and citizens alike,” said Cecilia Malmstrom, home affairs commissioner.

“Such attacks can cause serious damage and undermine users’ confidence in the safety and reliability of the Internet.

“Together with the launch of the European Cybercrime Centre and the adoption of the EU Cyber Security Strategy, the new Directive will strengthen our overall response to cyber crime and contribute to improve cyber security for all our citizens.”

One of the plans under the European Commission’s Cyber Security Strategy is to oblige public and private organisations to report and share information on cyber attacks on their systems that cause serious damage.

Are you a security expert? Try our quiz!