- SMB Spotlight
The Queen's Speech revealed that the government intends to get much tougher on cyber crime by amending the Computer Misuse Act to more adequately punish those guilty of major cyber offences.
"A Serious Crime Bill will be brought forward to tackle child neglect, disrupt serious organised crime and strengthen powers to seize the proceeds of crime," the Queen said on Thursday.
According to a supporting government document, this Bill will include amendments to the Computer Misuse Act.
"The purpose of the Bill is to create peace of mind for all that live here by building on current criminal and civil law to ensure we can continue to effectively and relentlessly pursue, disrupt and bring to justice serious and organised criminals, guard against the threat of terrorism and protect vulnerable women and children," a government document said.
The new Bill could be used to hand down stronger sentences to hacktivist groups such as Anonymous, judging by the government document.
"The Bill would create a new offence targeting people who knowingly participate in an organised crime group," it said.
A Home Office spokesman said sentences will reflect the damage caused, explaining that this could extend to life sentences for those found guilty of life threatening acts and 14-year sentences for less serious crimes.
"Our reliance on computer systems and the degree to which they are interlinked is ever increasing and a major cyber attack on our critical infrastructure would have grave consequences," said Karen Bradley, minister for modern slavery and organised crime.
"This Bill would ensure that in the event of such a serious attack those responsible would face the justice they deserve."
The chief technology office of security firm FireEye, Greg Day, welcomed the move as a necessary move to combat the threat from cyber criminals, but said the open-ended nature of many cyber incidents could make sentencing hard.
“Amending the Computer Misuse Act 1990 on computer systems fully reflect the damage is a big step forward.
"However getting the sentencing right is hard, as most companies are unable to qualify the extent of the attack or the commercial damage it has on their business, meaning that it will continue to be hard to implement and get the sentencing right.
“In other countries sentencing on cyber attacks appear to be lighter than other more physical crimes too but the crime must match the punishment."