Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

UK Government Wants More Jail Time for Hackers

In the speech delivered at the start of the parliamentary session, Queen Elizabeth II revealed the UK government’s plans to hand out tougher sentences for those found guilty of launching cyber attacks.

In the speech delivered at the start of the parliamentary session, Queen Elizabeth II revealed the UK government’s plans to hand out tougher sentences for those found guilty of launching cyber attacks.

The British government has proposed the Serious Crime Bill, under which the Computer Misuse Act 1990 will be amended “to ensure sentences for attacks on computer systems fully reflect the damage they cause.”

Digital Fingerprint UK

The Serious Crime Bill “will be brought forward to tackle child neglect, disrupt serious organized crime and strengthen powers to seize the proceeds of crime,” the Queen said in her speech.

In the current version of the Computer Misuse Act, individuals who cause “a significant risk of severe economic or environmental damage or social disruption” face a 10-year prison sentence, but if the legislation is updated, the maximum sentence will become 14 years.

Cyberterrorists ─ those responsible for cyber attacks that result in “loss of life, serious illness or injury or serious damage to national security, or a significant risk thereof” ─ will face life in prison once the Computer Misuse Act is updated.

The proposed changes would also allow those suspected of committing cetrain terrorism-related offences overseas to be prosecuted in the UK.

In addition to the changes made to the Computer Misuse Act, the Serious Crime Bill also targets those who possess “pedophilic manuals.”

Cyber security experts in Britain are not happy about the changes, highlighting the fact that the government also needs to ensure that those involved in security research are not erroneously identified as cybercriminals.

Advertisement. Scroll to continue reading.

“I have serious concerns regarding the proposed changes to the Computer Misuse Act; I suspect it’s more smoke and mirrors than anything of real substance,” Paul Moore, a UK-based IT security consultant, told SecurityWeek.

“We already have sufficient laws in place to prosecute where there are clear cases of cyber crime, but they’re rarely put to good use. Without a general consensus on what constitutes ‘cyber crime,’ penetration testers/research firms are often unfairly tarred with the same brush,” Moore added.  

“Purely from a technical standpoint, it’s true there are many similarities. The difference however is intent; itself notoriously difficult to prove.  If security issues are handled according to the principles of responsible disclosure, there should be no need to pursue the matter through the courts.”

In October 2013, the United Kingdom launched the National Crime Agency, which has been responsible for tackling organized crime, economic crime, border policing, child exploitation and cybercrime. The government is also involved in several initiatives aimed at teaching the public about cyber threats, such as CyberStreetWise and GetSafeOnline.

However, these programs have been heavily criticized by security experts over the past period, with many agreeing that the UK is still far from being properly prepared against cyber threats.

“The recent issues surrounding GetSafeOnline, NCA and CyberStreetWise are testament enough to how woefully ill-prepared we are to the threat of cyber crime.  If we can’t discuss and raise awareness to, let alone mitigate, the threat of malware without vital pieces of national infrastructure collapsing for 16+hrs, you have to wonder what’s gone wrong,” Moore told SecurityWeek.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.