EU countries agreed on Friday on tougher sanctions against people conducting cyberattacks such as those registered in recent weeks against the French government, European institutions and Citigroup.
Under the new rules, which have to be agreed by the European Parliament, hackers would face a sentence of at least five years if found guilty of causing serious damage to IT systems.
Tougher penalties would also affect perpetrators of attacks through botnets — networks of infected computers programmed to send spam e-mails — and target identity theft. Illegally intercepting data would become a criminal offense in the EU.
The EU’s 27 member states have also decided to boost their judicial and police cooperation by creating a cybercrimes unit that could be attached to Europol, the European police agency.
“We will be able to take steps in the future based on that broad support from member states,” Hungarian Minister of Administration and Justice Tibor Navracsics told reporters after meeting his counterparts in Luxembourg.
Governments across the world are rushing to come up with cybersecurity strategies because of mounting concerns over criminal hacking and state-on-state -electronic warfare.
In February, France suffered an attack before a meeting of G20 finance ministers in Paris and EU institutions were targeted on the eve of a summit of European leaders in March.
This week, 200,000 Citigroup cardholders’ information was accessed by hackers after a string of companies such as Google, Sony Corp, Nintendo, Lockheed Martin were also attacked.