Distributed denial of service (DDoS) attacks will be criminal acts from now on, thanks to changes to the Computer Misuse Act that have come into effect.
The changes have been in the offing for six years, reported Outlaw.com. They were held up because of concerns that some of the phrasing could stop anti-cybercrime researchers from developing, owning or sharing malware for research.
Outlaw.com said the changes make it a criminal offence to conduct DDoS attacks. The original legislation included offences of unauthorised access to computer material and of unauthorised modification of computer material.
"There is now a new offence of doing anything without authorisation with intent to impair, or with recklessness as to impairing, the operation of a computer," said the report.
Offenders face up to 10 years in jail and a fine, up from five years. The maximum penalty for unauthorised access to computer material rises from six months' imprisonment and a fine to two years' imprisonment and a fine.
The act also makes it an offence to make, adapt, supply or offer to supply any article which is "likely to be used to commit, or to assist in the commission of, [a hacking or unauthorised modification or DoS] offence", Outlaw.com said. It is also an offence to supply an article, such as program or data, "believing that it is likely" to be used to commit such an offence. The penalty here is up to two years' in jail.