 |
| Home Secretary Theresa May's |
Home
Secretary Theresa May's legislative programme was announced in the Queen's
Speech on Wednesday, with the Serious Crime Bill one of the changes being
introduced with an eye on tackling corrupt accountants, solicitors and even
cyber-criminals by giving courts tougher judicial powers.
In
particular, the changes will allow police to seize assets from convicted gang
bosses and will widen the punishment for so-called ‘Mr Big' criminals who often
partake in criminal activity without hands-on involvement. This
crime-by-association offence will carry up to five years' imprisonment.
The
bill, the full details of which can be found on the "GOV.UK WEBSITE", details further
sanctions for those possessing paedophile 'manuals' and extra reach for the
Female Genital Mutilation Act 2003, and also grants extra powers on cyber
policing.
One
of the changes, for instance, stipulates that the government would amend the
Computer Misuse Act 1990 to “ensure sentences for attacks on computer systems
fully reflect the damage they cause.” This would ensure maximum jail sentences
of up to 14 years for serious cyber-attacks.
Simon
Placks, head of EY cybercrime investigations, said that the Serious Crime Bill
is yet another sign that cyber-crime is high on the agenda of things to do for
the British government, which is spending £650 million on its National Cyber
Security Programme.
“It's
good to see cyber security featuring high on the government's legislative
agenda. Any move towards tougher sentencing for cybercriminals is a move in the
right direction, and will be welcomed by business” he said in an email.
“It
will play an important role in helping to reduce the rates of cyber-attacks and
deter criminal activity in this space. However, attribution continues to be one
of the major difficulties when it comes to prosecuting cyber-criminals, as it
is often extremely difficult to identify the origin of an attack.
“Therefore
companies should not become complacent around cyber security. First and
foremost businesses should be focusing on prevention over prosecution.
Specifically, they need to ensure they have robust defences in place and work
ever harder towards attack prevention by identifying, classifying and
monitoring access to key information. They also need to ensure they have the
ability and the processes in place to be able to act quickly if a breach
occurs."
Greg
Day, CTO for FireEye in the EMEA, is also encouraged by the changes. “It's very
encouraging that the government is taking cyber-attacks more seriously;
amending the Computer Misuse Act 1990 on computer systems fully reflect the
damage is a big step forward.
However getting the sentencing right is hard,
as most companies are unable to qualify the extent of the attack or the
commercial damage it has on their business, meaning that it will continue to be
hard to implement and get the sentencing right. In other countries sentencing
on cyber-attacks appears to be lighter than other more physical crimes too but
the punishment must match the crime.”
Adrian
Culley, independent security consultant and a former Met Police Computer Crime
Unit detective told SCMagazineUK.com that the update of the Computer Misuse Act
1990 was a sign that crimes increasingly have a cyber-element.
“The
Computer Misuse Act has served us well since its inception, indeed the Prestel
message board system that led to the Acts creation quietly retired some years
ago now,” he said via email.
“It
is important to remember that many, if not most, criminal acts now contain a
cyber-element. Many criminals now have some cyber skills and knowledge. Seeing
the Computer Misuse Act have its sentencing provisions updated sends an
important message to the criminal community.”
You can read more detailed information on this story "HERE"
No comments:
Post a Comment