The European Commission has proposed a new directive on attacks against information systems to replace current, outdated frameworks.
The aim of the proposed directive is to cover new forms of cyber crimes such as large-scale cyber attacks and to raise the level of penalties for associated criminal offences.
The move forms part of renewed measures to ensure Europe can defend itself from attacks against key information systems.
The proposed directive provides for the prosecution of cyber attackers and malware producers as well as heavier criminal sanctions for related crimes.
"It is time for us to step up our efforts against cyber crime," said home affairs commissioner Cecilia Malmström.
The proposals are an important step in criminalising the creation and selling of malicious software, she said.
The EC believes the directive could pave the way for improved co-operation between the judiciary and the police of member states.
The directive, if adopted, will require member states to make better use of contact points by treating urgent information sharing requests in a specified time.
It will also provide for the establishment of a system to record and trace cyber attacks.
The proposed directive is complemented by a proposal to strengthen and modernise the European Network and Information Security Agency (ENISA).
The EC want to extend the term of ENISA to 2017 and expand its role to address growing cyber threats.
ENISA plans a Europe-wide simulation exercise to test the regions cyber attack response capability to be held at an undisclosed date in November.
Both proposals will be forwarded to the European Parliament and the EU's Council of Ministers for adoption.