Serious UK Cybercriminals to Face Life Behind Bars

Hackers who launch devastating cyber-attacks on the UK's infrastructure could face life behind bars under new legislation.

Current legislation sets out no specific penalties for cybercriminals responsible for attacks that pose a threat to life or national security.

But the new bill, announced in the Queen's Speech, makes attacks that target essential networks such as power supply, communications, food or fuel distribution a new offence.

If such an attack results in a loss of life, the person responsible faces a life sentence. Those responsible for attacks that cause serious economic or environmental disruption could face 14 years in jail.

The bill also outlaws so-called "paedophile manuals", which do not contain explicit images of children but offer advice on how to groom children for abuse.

Those who obtain malware with the intention of committing criminal acts also face new legal punishments.

However, critics argue that the laws are unnecessary, with anti-terror legislation already sufficient to punish cyber crimes.

"If a supposed cyberterrorist endangers life or property, there are existing laws that can be used to prosecute them," Jim Killock, executive director of the Open Rights Group told the Guardian.

Greg Day, chief technology at cyber security firm FireEye, warned that the damage from many cyber attacks was difficult to identify, thus making the sentences difficult to apply.

"Getting the sentencing right is hard," he told V3.co.uk, "as most companies are unable to qualify the extent of the attack or the commercial damage it has on their business, meaning that it will continue to be hard to implement and get the sentencing right.

"In other countries sentencing on cyber-attacks appear to be lighter than other more physical crimes too but the crime must match the punishment."