Distributed denial of service (DDoS) attacks will be criminal
acts from now on, thanks to changes to the
Computer Misuse Act that have come into effect.
The changes have been in the offing for six years, reported
Outlaw.com. They were
held up because of concerns that some of the phrasing could stop
anti-cybercrime researchers from developing, owning or sharing
malware for research.
Outlaw.com said the changes make it a criminal offence to
conduct DDoS attacks. The original legislation included offences of
unauthorised access to computer material and of unauthorised
modification of computer material.
"There is now a new offence of doing anything without
authorisation with intent to impair, or with recklessness as to
impairing, the operation of a computer," said the report.
Offenders face up to 10 years in jail and a fine, up from five
years. The maximum penalty for unauthorised access to computer
material rises from six months' imprisonment and a fine to two
years' imprisonment and a fine.
The act also makes it an offence to make, adapt, supply or offer
to supply any article which is "likely to be used to commit, or to
assist in the commission of, [a hacking or unauthorised
modification or DoS] offence", Outlaw.com said. It is also an
offence to supply an article, such as program or data, "believing
that it is likely" to be used to commit such an offence. The
penalty here is up to two years' in jail.