The European Union has decided to raise prison sentences for people found guilty of hacking, data breaches, and cyberattacks.
Lawmakers from the 28 nations in the EU decided Thursday, in a 541-91 vote, to assign harsher penalties for various cybercrimes, according toÂ Reuters. Included in the increased prison sentences are at least two years for illegally accessing information systems and at least five years for cyberattacks against infrastructure, such as power plants, water systems, and transportation networks.
The lawmakers agreed that the most egregious crimes are those that breach the countries’ infrastructure networks and the theft of sensitive data from computer systems.
Other cybercrimes that got penalty increases were the illegal interception of communications or the creation of tools for this purpose. Additionally, any company that uses these tools or hires hackers to steal data will also be liable under the new laws.
Currently, the penalties for cybercrime vary from country to country, but most sentences top out at five years, according to Reuters. Now each country has two years to put the new laws into place.
The only country that didn’t sign onto the new rules was Denmark, which said it wanted to keep with its own sentences, according to Reuters.
This isn’t the first EU vote to tighten penalties for cybercrime. In 2011, lawmakersÂ agreed to tougher penaltiesÂ for cybercrimes, including new punishments for botnet creators.
The U.S. is also working to clamp down on cybercriminals. In June, members of the U.S. House of Representatives Intelligence CommitteeÂ proposed a new cybertheft lawthat would target hackers based in other countries. And in May, a group of senators proposed a similar bill called the “Deter Cyber Theft Act” toÂ protect commercial data from foreign hackers and governments.