Skip to main content [aditude-amp id="stickyleaderboard" targeting='{"env":"staging","page_type":"article","post_id":1485960,"post_type":"story","post_chan":"none","tags":null,"ai":false,"category":"none","all_categories":"security,","session":"D"}']

U.K. wants to send cybersecurity hackers to jail — for life

The Tower Bridge of London.

The Tower Bridge of London.

Image Credit: vgm8383 / Flickr

Hackers who commit cybercrimes that threaten the U.K.’s national security could soon face life in prison, government officials recently proposed.

Cyberattacks resulting in “loss of life, serious illness or injury, or serious damage to national security or a significant risk thereof” would carry a full life-sentence penalty, according to a proposed amendment to the Computer Misuse Act of 1990. The government announced plans to amend the act in Queen Elizabeth II’s speech at the state opening of Parliament yesterday.

[aditude-amp id="flyingcarpet" targeting='{"env":"staging","page_type":"article","post_id":1485960,"post_type":"story","post_chan":"none","tags":null,"ai":false,"category":"none","all_categories":"security,","session":"D"}']

The intended changes to the law are part of the so-called “serious crime bill,” which would also carry stiffer sentences for electronically sabotaging industrial targets. For example, attacks that create “a significant risk” of severe economic, environment, or social damages could land hackers in jail for up to 14 years, which is up from the current maximum 10-year sentencing limit.

“This bill would ensure that in the event of such a serious attack those responsible would face the justice they deserve,” said Karen Bradley, the U.K.’s minister for organized crime.

AI Weekly

The must-read newsletter for AI and Big Data industry written by Khari Johnson, Kyle Wiggers, and Seth Colaner.

Included with VentureBeat Insider and VentureBeat VIP memberships.

The changes would bring the U.K. in line with the U.S., which introduced life sentences for computer hackers following the Sept. 11 terrorist attacks in 2001.

Security experts expressed concern that the U.K. government could prosecute researchers looking for software vulnerabilities in the same way it deals with hackers with malicious intent.

“It’s concerning that the law designed to protect people from cybercrime also penalizes activity designed to identify areas of cyberrisk,” Trey Ford, a global strategist at security firm Rapid7, told the Guardian.

To prosecute hackers under the proposed amendment, the British government would need to confirm the attacks had a “significant link” to the U.K.

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn More

Explore

None Security