Life sentences for serious cyberattacks are proposed in Queen's speech

The UK government has said it wants to hand out life sentences to anyone found guilty of a cyberattack that has a catastrophic effect, under plans announced in the Queen's speech.

Any hackers that manage to carry out "cyberattacks which result in loss of life, serious illness or injury or serious damage to national security, or a significant risk thereof" would face the full life sentence, according to the serious crime bill proposed in the Queen's speech.

As well as targeting cyberterrorists, the new offence in the proposed update to the Computer Misuse Act 1990 would also hand harsher sentences to those hackers carrying out industrial espionage, believed to be a growing menace affecting UK business. The law would have a maximum sentence of 14 years for attacks that create "a significant risk of severe economic or environmental damage or social disruption". Currently, the section of the CMA covering such an offence carries a 10-year sentence.

Jim Killock, executive director of the Open Rights Group, said the bill would be difficult to justify, given current laws already carry punishments for those who carry out significant acts of terrorism, whether via computers or other means. "If a supposed cyberterrorist endangers life or property, there are existing laws that can be used to prosecute them," Killock said.

Such acts have "only been seen in Hollywood movies", said Mustafa Al-Bassam, a computer science student who was convicted under the CMA for his participation in cyberattacks on companies as part of the hacktivist collective LulzSec.

The government has also not addressed complaints over the application of current computer crime law, which some in the security industry claim actually makes the Internet less safe.