Eurocrats versus the cyber criminals

Inside the enterprise: The European Commission is setting up a cyber-crime centre and proposing minimum jail terms for hackers. Are the authorities now getting serious?


It has not been a good news day for hackers and cyber criminals, at least not in Europe.

Not only is the European Commission set to open a new CyberCrime Centre in The Hague next year, but, as The Independent reports, a proposed EU Directive could set a minimum jail term of two years for hackers.

More serious offences, such as stealing someone's online identity to use for hacking, would attract three years in jail, and companies that use hackers to attack rivals could be shut down.

The European Parliament's rapporteur, Monika Hohlmeier, describes the type of incident authorities aim to combat as "serious criminal attacks, some of which are even conducted by criminal organisations."

Advertisement - Article continues below
Advertisement - Article continues below

This is true. And it is also true that law enforcement agencies, as well as companies seeking civil damages against cyber criminals, have found their efforts hampered by legal inconsistencies. Nor have the courts always taken cyber crime as seriously as many IT professionals believe they should: cyber crime is not victimless, after all.

But there will be questions about the effectiveness of setting up another cyber crime agency, and indeed whether any one legal jurisdiction can tackle the problem alone.

The EU already has a cyber security body, in the form of Crete-based ENISA, which aims to support businesses and governments from cyber attack at the systems and network level. ENISA works with the EU's national CERTs, or computer emergency response teams. Then there are the national police computer crime units.

It is not yet clear how the new body, which is based within Europol, will fit in with these organisations. And already, the EU press release announcing the new agency suggests some overlap with ENISA's work, especially when it comes to warning governments of cyber threats.

More serious still, though, is whether any European organisation can be effective, on its own, in tackling a global problem.

It is very easy for cyber criminals to base themselves outside the EU; there are plenty of locations around the world where laws on computer crime are either weak, weakly enforced, or both. It is also quite easy for cyber crime gangs to mask their true physical location, not least by turning innocent user's machines into "bots."

Advertisement - Article continues below

More resources to fight cyber crime are welcome. The EU can set an example and, according to Ron Gula, CEO at Tenable Network Security, act as a co-ordinator for incidents such as cyber terrorist attacks. But the real challenge facing politicians is lies in improving laws, investigative capabilities and law enforcement internationally.

"The challenge of pursuing criminals across borders of course remains and nothing in the proposed new Directive is going to change that," warns Martha Bennett, of analyst firm Freeform Dynamics.

"No law will ever be able to protect EU citizens [fully] from attack, again because there is nothing that can be done about nasty stuff coming across the internet.

"But making certain actions a criminal offence is a good idea. At the moment, many so-called cybercrimes' can't be prosecuted at all because there's no punishable offence until an actual crime (under existing legislation) has been committed, such as money being stolen from a bank account."

Advertisement - Article continues below

But if the EU's defences can be bolstered, then perhaps cyber criminals might find other, more productive ways to employ their talents or at least, go elsewhere.

Stephen Pritchard is a contributing editor at IT Pro.

Featured Resources

How inkjet can transform your business

Get more out of your business by investing in the right printing technology

Download now

Journey to a modern workplace with Office 365: which tools and when?

A guide to how Office 365 builds a modern workplace

Download now

Modernise and transform your sales organisation

Learn how a modernised sales process can drive your business

Download now

Your guide to managing cloud transformation risk

Realise the benefits. Mitigate the risks

Download now


internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Are you taking enough accountability on cyber security?

18 Dec 2019

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019
Policy & legislation

Breaking up big tech 'will cause more problems', says EU

8 Nov 2019

Most Popular


How to use Chromecast without Wi-Fi

5 Feb 2020

The top ten password-cracking techniques used by hackers

10 Feb 2020
Microsoft Windows

Windows 7 bug blocks users from shutting down their PCs

10 Feb 2020

Coronavirus starts to take its toll on the tech industry

6 Feb 2020