Print
Discuss
Send to friend
RSS feedsDerek Wyatt MP, chairman of the All Party Internet Group (APIG), has filed notice of a 10 Minute Rule Bill calling for amendments to the Computer Misuse Act (CMA) to address the threat from denial-of-service (DoS) attacks.
Wyatt's Computer Misuse Act 1990 (Amendment) Bill tackles the key recommendations of the APIG inquiry into a revision of the CMA calling on the government to add a specific DoS offence and increase the maximum custodial penalty for CMA Section 1 (Hacking) offences from six months to two years.
A two-year penalty would make hacking an extraditable offence and bring it in line with the requirements of the European Convention on Cybercrime.
"APIG was hoping that an MP would have picked this up as part of the Private Members' allocation for bills," said Wyatt. "But sadly no-one did so it seemed sensible, given the work we undertook last year, to at least place on record what we think the Bill should look like in the hope that the government will come back to it after the general election."
The APIG report recommends that, although the CMA already makes many distributed DoS attacks illegal, there is "significant value" in adding an explicit offence to the legislation.
"In particular, this would send a clear signal to the police, the Crown Prosecution Service and the courts that these attacks should be taken seriously. Also, publicity about the new offence may deter potential attackers by making it explicit that their actions are clearly criminal," APIG stated.
Mark Sunner, chief technology officer at security firm MessageLabs, gave evidence to the APIG committee at the original inquiry in April 2004.
"Criminals operating online have realised the potential commercial value of internet-related crimes and are always looking for new ways to exploit malware to line their pockets," he said.
"As the current provision in the CMA surrounding DoS attacks is ambiguous, companies are left wide open to attack. It is vital that a tighter legal framework is implemented to make it more difficult for computer criminals to operate, but easier for law enforcement agencies to prosecute successfully."
Botnets, in particular, pose a significant potential threat to online commercial activities in the 21st century, crossing international jurisdictions.
A common, co-operative approach to investigating and prosecuting cyber-criminals is, therefore, going to be the most effective way of challenging threats that transcend country borders, Sunner added.
The motion to move the Bill is scheduled to take place on 5 April 2005.
See also:
New threats demand new practices, warns security expert 26 Apr 2005
Will a lack of precision in the Computer Misuse Act bring more advantages than drawbacks? 14 Apr 2005
Official database to examine the behaviour of attacks against IT systems 29 Mar 2005
All Hacking
del.icio.us
Digg this
reddit!
