UK bill would increase penalties for cybercriminals

The British government has proposed sharply increasing penalties for computer crimes that are taking a financial toll on U.K. businesses.

The Police and Justice Bill would amend the Computer Misuse Act of 1990, a Home Office spokeswoman said Friday. It would increase the maximum penalty for unauthorized modification of a computer from five years to 10 years, a provision that would cover all forms of DDOS (distributed denial of service) attacks, she said.

If passed into law, those convicted of unauthorized access to a computer could face up to a two-year prison sentence, up from six months.

"Over the last 18 months there have been a lot of high-profile DOS attacks which have in turn been accompanied by extortion requests against U.K. online bookmakers," the spokeswoman said.

The National Hi-Tech Crime Unit estimated e-crime cost U.K.-based companies with more than 1,000 employees £2.4 billion ($4.3 billion) annually. Of 200 companies that participated in the survey, 90 percent reported they had experienced unauthorized access to their networks, while 89 percent had been victims of data theft.

The amendments would also bring the U.K. in line with commitments to the Council of Europe's Convention on Cybercrime in 2001 and the European Union's Framework Decision on Attacks Against Information Systems, both of which focus on stronger measures against e-crime, she said.

The bill has been introduced to the House of Commons, the spokeswoman said.