The Computer Misuse Act is set to be amended in order to issue harsher sentences.
Following yesterday’s speech by Her Majesty the Queen at the state opening of Parliament, an amendment to the Computer Misuse Act 1990 ensure sentences for attacks on computer systems fully reflect the damage they cause.
Troy Gill, senior security analyst of AppRiver, said he felt that bolstering the penalties for those who commit these types of crimes was “certainly a step in the right direction”.
He said: “With hackers targeting businesses and consumers at a staggering rate, this change is certainly overdue, but it is better late than never. Although making penalties harsher may deter some from committing these crimes, it will not make it any easier to find these individuals. It also will not be very effective at rounding up hackers that are committing these crimes from outside the borders of the UK.”
Asked if this is a case of the Government taking action too late to try and stop cyber criminals, or punish them, Jonathan Armstrong, partner at Cordery, said: “I think whilst it cannot do any harm - and could have a deterrent effect - we have seen just this week how internet crime is a global phenomenon and needs global co-operation.”
Asked if recent stories showed too much leniency, Gill said that hopefully this step will make some progress with sentencing that some currently view as too lenient. “It is quite common for cyber criminals (once arrested) to cooperate with the authorities, this helps bring other criminals to justice as we learned recently with the release of the hacker ‘Sabu',” he said.
“Amending the law so that these criminals are facing stiffer penalties should help to improve their willingness to cooperate with authorities.”
Simon Placks, head of EY cyber crime investigations, welcomed cyber security featuring high on the Government’s legislative agenda; and any move towards tougher sentencing for cyber criminals is a move in the right direction, and will be welcomed by business. “It will play an important role in helping to reduce the rates of cyber attacks and deter criminal activity in this space,” he said.
“However, attribution continues to be one of the major difficulties when it comes to prosecuting cyber criminals, as it is often extremely difficult to identify the origin of an attack. Therefore, companies should not become complacent around cyber security.”
Dan Raywood is editor of the IT Security Guru