Internet Crime Forum calls for tougher sentences for hackers

An influential computer crime group representing businesses, police, government departments and the Crown Prosecution Service has...

An influential computer crime group representing businesses, police, government departments and the Crown Prosecution Service has called for tougher prison sentences to deter computer hackers.

The Internet Crime Forum has urged the Home Office to amend the Computer Misuse Act to increase the maximum prison sentence for the least-serious hacking offences from six months to five years.

Last year Computer Weekly launched its Lock Down the Law campaign in an attempt to co-ordinate industry efforts to persuade the government to update the UK's computer crime laws.

The ICF's proposals, contained in a review of the Computer Misuse Act presented to the Home Office, are designed to update UK law and bring it in to line with emerging European computer crime treaties.

The government has been facing growing pressure to review the law in the light of the development of the internet and the emergence of new threats, such as denial of service attacks. The Act has been criticised by businesses because hackers prosecuted under it have received light community service orders or fines rather than prison sentences.

The ICF paper urged the Home Office to increase the maximum sentence for basic unauthorised-access offences to five years, as is the case with more serious offences, such as modifying data without authorisation. This would make all hacking crimes extraditable offences and give police powers to search and seize a suspect's computer equipment for evidence. It would also mean that law enforcement agencies would have three years to bring a prosecution rather than the current time limit of six months.

The ICF also urged the government to clarify section three of the Computer Misuse Act, which makes it an offence to modify computer data without authorisation, so that it can be more easily used to bring prosecutions against perpetrators of denial of service attacks, some of which may be difficult to prosecute under the Act's current wording.

The UK's National High-Tech Crime Unit welcomed the ICF's proposals, saying that any move to increase sentencing and assist police in gathering evidence would help in the fight against cybercrime.

"Everyone has been consulted and has contributed so it is really a case of industry, police and lawyers all getting together and working positively to fix some cracks in the legislation. It should make life better for the cops and more uncomfortable for the robbers," said another police source.

The ICF said the Computer Misuse Act would have to be reworked, or new primary legislation introduced to bring UK law into line with the European Convention on Cybercrime and a proposed European Council framework on attacks against information systems.

Read more on IT legislation and regulation