New EU laws approve tougher sentences for cyber criminals
Minimum of five years in jail for those that threaten national infrastructure
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.The European parliament has voted in favour of stronger sentences for cybercriminals, especially those that threaten national infrastructure.
Under new laws the 28 EU member states will be required to set terms of no less than two years in prison for individuals caught illegally accessing information systems, tampering with data, illegally intercepting communications, or creating tools that help commit such offences.
This mandated minimum rises to five years if the individuals involved target national systems such as energy plants, public transportation or government servers. These new sentences are higher than tariffs currently imposed by some member states.
The changes also directly address the creation and operation of botnets – groups of hacked computers that are run in tandem to commit offences such as sending out spam and denial of service attacks. Such botnets can be massive in size, with their owners wielding great power.
For example, the Srizbi botnet, estimated to be either the world’s largest, or second-largest botnet, is thought to be made up of around half a million machines. When a hosting provider associated with the botnet was shut down in November 2008, global spam volumes dropped by up to 75%.
Botnet creators add machines to their networks through spam emails and malware, often building up networks before renting or selling it to other criminals. Anyone found setting up a botnet will face a minimum of three years in jail, and if the system is used to threaten national infrastructure then again, the minimum sentence rises to give years.
Member states have two years to sign the new directives into law, with only Denmark choosing to opt out in favour of its own rules. Legislators hope the changes will standardize laws across the EU, where each country has its own variation on cyber law.
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments