Cyber criminals will be soon have harsher penalties imposed on them under a new directive approved by the European Parliament, various media have reported. The new legislation is intended to result in an increase in the maximum sentence period a hacker can be given.

The law will allow EU member states to particularly address attacks that affect national infrastructure or harm corporate computer networks. Criminals found responsible for cyber-attacks against critical infrastructures such as power plants, transport and government networks could be sent to jail for up to five years. The draft legislation also calls for a punishment of two years in jail for criminals who have been found to have illegally accessed information systems.

The law also aims to deal with another emerging problem in Europe caused by the growing spread of malicious software that creates botnets. According to the European Commission’s report on the new stricter laws, European MPs propose that member states should allow judges to sentence botnet creators to at least three years in prison. These cyber criminals would be imprisoned if they are found to have used botnets in order to establish control over a significant number of information systems by infecting them with malware.

Botnets have become a major problem across the globe. Computers that are compromised by this malicious software are known as zombies and are used to launch attacks against information systems, often without the knowledge of users. Botnets allow hackers to take computers under their control and use them for a broad range of illegal schemes such as denial of service attacks and phishing scams.

The rules concerning cyber-attacks and botnets have been in place since 2005, however the new directive adds some updates to the legislation in the EU’s ongoing efforts to improve cyber defences.