Europe’s war on online crime is to become even fiercer after the European Commission announced tougher sentences for cyber criminals.
Prison sentences of five years or more could be introduced for cyber crimes, up from the current penalty of one-three years, in an attempt to reduce online security threats and the associated cost to the European economy of issues such as computer viruses, spyware and online fraud.
The proposals come after recent mass-scale attacks on computer systems in Lithuania and Estonia and would bring the 27 EC states into line with countries such as the UK, France and Germany who already have tougher sentences for cyber criminals.
“We need new legislation to fight cyber attacks. Large-scale attacks are on the rise but the penalties . . . are not severe enough to dissuade criminals,” Radomir Jansky, a senior cybercrime official within the Commission’s Directorate-General for Justice, Freedom and Security, told the Financial Times.
“The cost for businesses, law enforcement and state authorities is on the rise, and we need to recognise that,” he added.
Mr Jansky was speaking at a meeting of the Messaging Anti-Abuse Working Group in Amsterdam, a meeting of internet service providers and industry professionals to discuss issues such as spam, botnets (networks of hacked computers) and email marketing.
The move is part of a wider strategy to promote IT security and harmonise cyber crime enforcement across the European Economic Area (EEA). Other initiatives include a Europe-wide reporting system which allows countries to quickly communicate details of an attack to fellow member states.
The EU-backed Insafe scheme has also taken steps to promote IT security, the benefits of antivirus software and computer best practice to European citizens with initiatives such as Safer Internet Day.
Last month, US President Barack Obama also highlighted the issues of IT crime, claiming that losses from cybercrime – including industrial espionage and identity theft – totalled a staggering $1,000bn (€706bn, £617bn).
A recent survey in Australia put the cost of online threats to Australian business at AU$649m (US$514m) per year.