More

EU Governments Crack Down On Cybercrime

Cybercrime

First Posted: 06/11/11 01:28 PM ET Updated: 08/11/11 06:12 AM ET

Inspiring
 Funny
 Obsolete
 Scary
 Must-Have
 Amazing
 Innovative
 Nerdy

BRUSSELS (Reuters) - EU countries agreed on Friday on tougher sanctions against people conducting cyber attacks such as those registered in recent weeks against the French government, European institutions and Citigroup.

Under the new rules, which have to be agreed by the European Parliament, hackers would face a sentence of at least five years if found guilty of causing serious damage to IT systems.

Tougher penalties would also affect perpetrators of attacks through botnets -- networks of infected computers programed to send spam emails -- and target identity theft. Illegally intercepting data would become a criminal offence in the EU.

The EU's 27 member states have also decided to boost their judicial and police cooperation by creating a cybercrime unit which could be attached to Europol, the European police agency.

"We will be able to take steps in the future based on that broad support from member states," Hungary's Justice and Public Administration Minister Tibor Navracsics told reporters after meeting his counterparts in Luxembourg.

Governments across the world are rushing to come up with cyber security strategies because of mounting concerns over criminal hacking and state-on-state electronic warfare.

In February, France suffered an attack before a meeting of G20 finance ministers in Paris and EU institutions were targeted on the eve of a summit of European leaders in March.

This week, 200,000 Citigroup card holders' information was accessed by hackers, after a string of companies such as Google , Sony Corp, Nintendo, Lockheed Martin were also attacked.

(Reporting by Christopher Le Coq; Editing by Julien Toyer and Jon Hemming)

Copyright 2011 Thomson Reuters. Click for Restrictions

FOLLOW HUFFPOST TECH

BRUSSELS (Reuters) - EU countries agreed on Friday on tougher sanctions against people conducting cyber attacks such as those registered in recent weeks against the French government, European ins...
BRUSSELS (Reuters) - EU countries agreed on Friday on tougher sanctions against people conducting cyber attacks such as those registered in recent weeks against the French government, European ins...
Related News On Huffington Post:
 

Read more from Huffington Post bloggers:
Kathy Kemper

Kathy Kemper: U.S. Leadership and the Future of the Internet: the New U.S. International Cyber Strategy

Many of the innovations in computing have had two sides: great promise and great danger. Today, the stakes are higher than ever -- but with a framework to guide our engagement online, the U.S. is on the right track.

Filed by Catharine Smith  | 

More in Technology...


 
 
  • Comments
  • 30
  • Pending Comments
  • 0
  • View FAQ
Comments are closed for this entry
View All
Favorites
Recency  | 
Popularity
photo
Abraxas Discala
5 Fans
06:22 PM on 06/13/2011
Great to see better regulation in this space. When will the U.S. follow suit?
Permalink  |
photo
BrassOnes
Hasa Diga Eebowai
230 Fans
05:22 PM on 06/12/2011
"This week, 200,000 Citigroup card holders' information was accessed by hackers, after a string of companies such as Google , Sony Corp, Nintendo, Lockheed Martin were also attacked."

Yet, these hackers see themselves as heros.
Permalink  |
photo
HUFFPOST SUPER USER
becky bradshaw
"In a time of universal deceit, telling the truth
450 Fans
09:19 PM on 06/12/2011
No, they view themselves as businessmen.
Permalink  |
HUFFPOST SUPER USER
dbrett480
331 Fans
04:23 PM on 06/12/2011
I guess the only cybercrime the EU countries crack down on is finance related. They let the pedophiles conduct their "business" without disruption. So much for European "values."
Permalink  |
photo
HUFFPOST SUPER USER
theveggiedude
my body is a temple, not a living graveyard
253 Fans
 
12:07 PM on 06/12/2011
Well, five years is a start. On top of that, they should not be able to touch a computer for an additional 10 years. That would make them think twice.
Permalink  |
photo
HUFFPOST SUPER USER
Thanks4Watching
Daily dose of cynicism
869 Fans
 
01:16 AM on 06/12/2011
These people are addressing a symptom, not the disease.

The problem is poor cybersecurity. Stiff penalties alone are not enough to deter hackers, and the real professionals, the people who take hijack millions of passwords and steal money electronically, are REALLY good at covering their tracks.

Companies like Sony are being picked on because of their pathetic website security. Most of them are taken down by SQL injections, which are the oldest and easiest trick in the book. They do what's cheap, not what's safe, and their customers pay the price.

Hackers have existed and will continue to exist as long as there is an internet. Hunting down each and every hacker will solve nothing, because learning how to do what they do is about as simple as a Google search (see: script kiddie). What they need to do is ramp up their own security.

What these people are suggesting is the equivalent of spending all of your time squishing bugs that get into your house rather than using repellant.
Permalink  |
jaynerives
3 Fans
01:17 PM on 06/12/2011
You are correct,to a point. We need to look at both sides of the issue, not just the one. However, companies loathe the government telling them what to do so it will have to be done with care. Say rules like companies can be sued for higher levels of damages by those whose private info was potentially exposed if they aren't using multiple security methodologies. Or even that a 'victim' doesn't have to be able to prove their info was exposed, the possibility if enough and so on. Perhaps even flip it and say that companies that aren't using strong security measures can't file civil suits against the hackers. Things like that. Leave the exact style and software to the company but at the same time give them a strong incentive to use something (and more than one when possible)
Permalink  |
photo
jsarets
913 Fans
11:43 PM on 06/11/2011
How about instead of wasting time by legislating sentencing terms (a prerogative that should belong exclusively to judges), national governments work together on treaty which phases in a mandatory security framework for the Internet?

Such a framework is already implemented and standardized in at least one form (IPsec). This is an extension to the IP protocol which uses a public key certificates to authenticate and encrypt any transmission over the Internet without requiring explicit support from applications.

I use IPsec ESP in tunneling mode for my home VPN. I don't need to shy away from public open wifi hotspots, because the connection between my client devices and my home server is authenticated and encrypted regardless of the underlying link layer or the overlying transport and application layers.

The only limitation is that most hosts on the Internet do not accept IPsec connections, so I have to run it in tunneling mode rather than transport mode, and the tunnel has to end whenever packets leave my VPN to go out over the public Internet. 

The governments have to do two things:

First, they should establish a deadline for commercial Internet services to accept IPsec connections.

Second, they should create an identify verification standard for digital certificates which is roughly equivalent to state-issued ID cards or passports, and they should strongly encourage commercial services to require certificates signed with this level of identity verification.

There is a place for pseudo-anonymity on the Internet in the form of self-signed certificates which aren't necessarily associated with a real-world identity. But every data transmission should be encrypted, and any service dealing in sensitive information should require strong authentication.

The proper role of government should be, first and foremost, to give Internet users a framework for establishing an appropriate level of trust for engaging in private communications, so that we can better determine with whom we're communicating (to the exclusion of everybody else). This is necessary to allow Internet users to protect themselves from identity theft and malicious behavior.

It's also necessary to give the authorities the forensic evidence they need to investigate fraud and trespassing on the Internet and to bring the perpetrators to justice. Merely setting mandatory minimums for sentencing convicted cyber-criminals isn't going to work if they can't be positively identified.
Permalink  |
likes2kayak
Freedom to the USA!
233 Fans
03:17 PM on 06/11/2011
It is a wonderful idea but what do you do when you already have an over crowded prison system? Let some out like they are in California? How do you choose the lesser of the two evils?
Permalink  |
photo
HUFFPOST SUPER USER
jessivehadit
Philosopher, Scientist, Writer, Researcher
303 Fans
05:07 PM on 06/11/2011
Let out the pot smokers and minor drug users and only throw the worst hackers in.
Permalink  |
photo
HUFFPOST SUPER USER
theveggiedude
my body is a temple, not a living graveyard
253 Fans
 
12:10 PM on 06/12/2011
Remember the TV series the prisoner? We need to make a place like that on an island and send them to the village. No need to lock them up with violent offenders or perverts.
Permalink  |
jaynerives
3 Fans
01:18 PM on 06/12/2011
Even better. Put them on a remote island with no computers etc. But fill it with hidden cameras and tape them. Reality tv at its finest because it will be real reality not that trumped up garbage like Survivor and big brother.
Permalink  |
photo
HUFFPOST SUPER USER
FunKevin
38 Fans
01:53 PM on 06/11/2011
We need to learn to run with these crooks. People are getting played real bad by them. If we get them please lets make them pay a very high price. What can we the people do to help? I'm ready...
Permalink  |
photo
HUFFPOST SUPER USER
noknrc
happy to be retired
341 Fans
02:00 PM on 06/11/2011
Contact your local FBI office. report the event and they may have you forward the emails they send you. It may not lead to anything since most originate outside the US but it can not hurt.
I have been running an internet business and have been advertising on Ebay for almost 10 years. I deal with these scam artists on a daily basis. I could tell a scam a mile away as soon as I read the email.
Permalink  |
photo
HUFFPOST SUPER USER
FunKevin
38 Fans
02:15 PM on 06/11/2011
Hello and thank you... I'm trying to learn to run a internet business. Can you help me? Boyoo do I have a story to tell... You can reach me on my email collegecare@aol.com Thanks so much....
Permalink  |
This user has chosen to opt out of the Badges program
photo
Redtom100
23 Fans
01:53 PM on 06/11/2011
Just hacking should get the hacker 5 years. If there are any damages, then 15 years at hard labor. If hacking into defense systems or any other systems that cause the death of anyone, life or the death penalty.
Permalink  |
photo
HUFFPOST SUPER USER
Desolati0n
I am the freshest wizard ever.
30 Fans
 
05:09 PM on 06/11/2011
I crashed the iranian president's website because he wasn't giving his people freedom of speech. Should I be put to death sir? Also, are you aware our prisons are over-crowded, lets waste perfectly good jail cells on hacktivists and not to mention our tax dollars.
Permalink  |
This user has chosen to opt out of the Badges program
photo
Redtom100
23 Fans
07:51 PM on 06/11/2011
You sir are lying to me. However, if you are not, you may be headless soon. Hackers are poison. Hackers are thieves. Hackers are perverts. There is nothing good about a hacker. If one country does it to another, it should be an act of war. You are smarmy enough to say, would you fight it sir? Well I already fought my war hacker boy. Look, we don't need jails as you know them. I would put tents out in the desert. When I was in the service, I lived in a tent for 15 months in extreme heat and humidity, and it was a rat bordello among other things. I do not feel bad about puting people in Death Valley 50 miles from anywhere. We can feed them baloney sandwiches, lima beans and franks (cold in a can with an inch of grease on it,), and 2 quarts of water a day Oh yeah, we can torture guys like we were in basic training like gassing them when they are not looking, make them fight with pugel sticks until they are bloody, That may stop some of this. I am just being as asenine as you are, lefty hacker. Be responsible. Do not hack and change your diaper.
Permalink  |
photo
JConabicycle
18 Fans
 
12:35 AM on 06/12/2011
One man's hacker is another man's patriot. Someone affiliated with a governmental agency either within or allied to the United States managed to hack/crash the Iranian nuke program and set back their progress substantially. Is that "perverted?" Or patriotic?

More recently, someone affiliated with the USG or an ally managed to hack into a terrorist website, and substitute a recipe for Ellen DeGeneres's favorite cupcake recipe on an Al Quaida instructional bombmaking page. Is that "perverted?" Or patriotic?

Don't use your military service to justify your comments. They either stand on their own merit, or they don't. You're a screen name on a discussion board, you could easily be inventing a military background (many people do)--or not. No one knows and no one cares. FWIW, you plainly haven't enjoyed the more recent MRE's enjoyed by our personnel in uniform--they are much better than the crap left over from WW2/Korea/Vietnam in the green cans. No grease, no bologna. Everything's in space-age pouches these days. They've even got vegetarian options.

Scolding and wagging angry fingers at hackers isn't going to stop them. Hacking is the 21st Century Crime du Jour. It's the future of warfare, too. What's needed is better counter-hackers, to thwart the hackers who seek to do us harm. The US government as well as some of our allies actively recruit the good ones--and so do our adversaries.
Permalink  |
photo
HUFFPOST SUPER USER
noknrc
happy to be retired
341 Fans
01:53 PM on 06/11/2011
Great idea but almost impossible to correct. I see scam emails everyday since I run a business on the internet. They try to purchase high dollar products with bad credit cards or the newest is through a paypal account they hijacked. These emails are easy to spot by the way they are worded. I usually respond with a nice try but needs more work. I usually love the response I get back put I can not post it without being removed. This problem stated back in 2004 and just grew.It was a huge problem when ebay opened up their enrollment without the usual checking system they used to qualify people before they would give you an ebay account. Also they would hijack other peoples ebay accounts through phony emails .
Permalink  |
jaynerives
3 Fans
01:34 PM on 06/12/2011
Schemers can be fun. I helped bust one group when I was at Borders. Sad part was that they thought that using TTY relay (or claiming they were TTY Relay) would make us believe they were legit. Same with claiming the books were for places like the St Sebastian's Catholic School for Boys in Nigeria. They probably should have realized that we have caller id and would call back the relay number to find out it was a bar. Or call the bank to check the card before placing the order.
My first clue -- Relay operators are supposed to read exactly what is on the screen including the TTY code words. I know this because I was trained by a TTY relay operator to handle such calls when I worked for the public library during high school. But this 'operator' didn't read the code words. Oops.
Permalink  |
photo
HUFFPOST SUPER USER
guest6713
38 Fans
01:52 PM on 06/11/2011
any cybercriminal should be whipped and smacked around in prison for 99 years
Permalink  |
photo
HUFFPOST SUPER USER
noknrc
happy to be retired
341 Fans
01:55 PM on 06/11/2011
The only problem most of the scams do not originate in this country. over 50% originate in oriental countries.
Permalink  |
bighornman
"You take the blue pill ~ the story ends ..."
154 Fans
01:22 PM on 06/11/2011
I hate the cyber scammers. Too many victims already.
Permalink  |
photo
JWerner
Beware Macduff; beware the thane of Fife!
205 Fans
04:50 AM on 06/13/2011
A lot of the victims are often victims of their own stupidity. . .the kind of people that fall for 'Nigerian Prince'-type scams, etc.

It's like these people never heard of the saying: "If it sounds too good to be true, it probably is".
Permalink  |
photo
mj1247
this comment approved by..me
155 Fans
01:15 PM on 06/11/2011
anyone convicted of any cybercrime should be put in jail for at least 50 years
Permalink  |
This user has chosen to opt out of the Badges program
photo
jcbstz
31 Fans
12:55 PM on 06/11/2011
can't win the war on drugs BUT maybe a war on cyber crime will work.
Permalink  |