Tougher penalties for a wide range of
cybercrimes have been agreed by
A draft directive outlining minimum jail
terms for some crimes was adopted by
the European Parliament on 4 July.
The directive says those found guilty of
running a botnet of hijacked home
computers should serve at least three
years in jail.
It also seeks to improve co-operation
between member states to investigate
crimes and prosecute offenders.
"The perpetrators of increasingly
sophisticated attacks and the producers
of related and malicious software can
now be prosecuted, and will face heavier
criminal sanctions," said Cecilia
Malmstrom, European Commissioner for
Home Affairs in a statement.
The directive builds on Europe-wide
rules that have been in force since 2005
but introduces new offences that cover
use of a botnet, the theft of confidential
details such as passwords and use of
tools that make cybercrimes possible.
Botnets have become a staple in
cybercrime circles and are used by many
criminal hackers to send spam, attack
websites or as a resource that can be
plundered for saleable data. Some
botnets have millions of PCs enrolled in
In addition, the directive recommends
that criminals involved in some crimes
should serve minimum sentences. The
longest jail term of five years should be
served by those who do serious damage
to systems or attack computers
controlling a nation's critical
In addition, it said companies could be
be shut down if they hired hackers to
attack rivals or steal corporate secrets.
Under terms outlined in the directive,
member nations will also be required to
render aid to another state stricken by a
significant cyber-attack within eight
The directive is widely expected to be
formally adopted soon after which
member states will have two years to
translate it into national law.