November 15, 2006

According to various reports, new legislation in the United Kingdom this week will ensure that DoS (denial of service) attackers get up to 10 years in jail when convicted.

Under the new Police and Justice Act of 2006, the previous 1990 Computer Misuse Act and its police IT organization Pito are being abolished and replaced by the recently collaborated National Policing Improvement Agency.

The new, stricter law says, "a person is guilty of an offence if at the time of any attack they have the intent to impair the operation of any computer, prevent or hinder access to any program or data held on a computer, or impair the operation of a program or the reliability of data."

The update was reportedly prompted by confusion over a 2005 case in which a teenager executed a denial of service attack on his former employer's email server.

He was later cleared because no one knew whether DoS attacks were covered at all in the original 1990 CMA.

The teenager was found guilty earlier this year and was sentenced to a two month curfew.

Under the new act, police will have the authority to access passenger and crew data on any journeys within the UK or arriving into the UK.

The new law will also increase the sentence for hacking a computer from a maximum of six month to two years imprisonment.

Source: The WHIR