European Union countries agreed on tougher penalties for cybercrime including beefed up sentences as well plans for more police cooperation.
The new rules, which have to be given the go ahead by European Parliament, establishes minimum penalties for cyber-attacks on IT systems.
Among the items, the EU aims to penalize the production and creation of botnets and the interception of computer data. The EU will also form a cybercrime group that includes "an obligation to provide feedback within eight hours to urgent requests." Meanwhile, the EU will also collect cybercrime statistics.
The meat of the EU's cybercrime efforts revolve around tougher penalties. The penalties break down like this:
- General cybercrime gets prison term of at least two years.
- If an attack is committed against "a significant number of IT systems"---most likely via a botnet---there's at least a three year prison sentence.
- An attack by organized crime is carried out and has caused serious damage or hit a critical system there's prison term of at least five years.
Of course, the penalties are the easy part. It's a bit unclear how the EU will find attackers and then prosecute them. "These new forms of aggravating circumstances are intended to address the emerging threats posed by large scale cyber-attacks, which are increasingly reported across Europe and have the potential to severely damage public interests," said the EU.