The Parliamentary All Party Internet Group (APIG) has called for the government to update computer crime laws.
The MPs yesterday (30 June) urged the government to increase the maximum sentence for hacking to two years from the present six months and to categorise denial-of-service attacks as a criminal offence.
The group of MPs want a new version of the 1990 Computer Misuse Act (CMA) to be introduced in November’s Queen’s Speech in response to the increasing number of security breaches spread over the Internet, which did not exist when the original Act was written.
An increase in the maximum sentence for hacking would also make it possible to extradite hackers from overseas countries.
The group of MPs also want the Home Office and the National Office of Statistics to start recording instances of computer security attacks as currently there is no official record.
The most serious computer crime incident can cost a large company between £65,000 to £100,000 a year, according to the Department of Trade and Industry’s Information Security Breaches Survey, published earlier this year.
The Director of Public Prosecutions is also being asked to make it easier for firms to be able to bring private prosecutions against alleged hackers.
As well as a revised Computer Misuse Act, the MPs also called for a new Fraud Bill that will cover fraud conducted on computer networks, such as “phishing”, which sees crooks steal sensitive security data from computer users, by sending them links to phoney versions of financial services sites, where they are asked to reveal account passwords for instance.
Derek Wyatt MP, chairman of APIG said, “The 1990 CMA understandably needs reforming. We hope that our suggestions will see a Bill in the Queen's Speech in November and that the Home Office and the National Office of Statistics will start to include all cyber crime activities in their monthly and quarterly figures, for without them, we are still guessing at the extent of the crimes.”
But Alan Lawson, an analyst at Butler Group, said, the APIG recommendations were only a small step forward in the fight against computer crime.
“Marginally increased powers for section one hacking offences and explicit denial of service offences may discourage 'joyrider' hackers and stimulate legal prosecutions, but it is not strong enough to prevent any significant illegal activity,” he said.
Significant improvements in tackling cyber-crime will only come with a new Fraud Bill, which could offer understandable and enforceable regulations, he said.