By John Blau
September 21, 2006
IDG News Service
New legislation proposed by the German government aims to make computer
hacking a punishable crime.
The draft law, announced Wednesday, defines hacking as penetrating a
computer security system and gaining access to secure data, without
necessarily stealing data.
As part of the draft, groups that intentionally create, spread or
purchase hacker tools designed for illegal purposes could be punished by
law, the Federal Ministry of Justice said in a statement.
Other punishable cybercrimes include denial-of-service attacks and
computer sabotage attack on individuals, which would extend the existing
law that limited sabotage to businesses and public authorities.
Offenders could face up to 10 years in prison for major offenses.
Although Germany already has a comprehensive penal law against attacks
on IT systems, the proposed revision aims to close any remaining
loopholes, the ministry said.
Some security experts warn, however, that "good" hackers, also known as
"white hats" who work for security companies, could be restricted in
their ability to help software makers and businesses as a result of the
If hackers can't share their tools with the public, "white hats will not
be able to get them and use them internally for testing or external
security consultants won't be able to do security testing," a hacker,
known by the pseudonym van Hauser, wrote in an e-mail. "It's a win-lose
law in favor for the bad guys."
Van Hauser is president of The Hacker's Choice, a noncommercial group of
Visit the InfoSec News store!