Specifically focussing on fraud and counterfeiting of non-cash means of payment, the language of a new European Directive has been agreed upon to strengthen rules surrounding cyber crime.
The new Directive, supplementing the EU's scaled up response to cyber crime, will enhance member states' capacity to prosecute cyber criminals.
The rules which govern payments made with bank cards, mobile payments and payments via cryptocurrencies, aim to offer the penalties for fraud of this type more uniformity to deter cyber criminals from targeting those in states with more lenient punishments for cyber crime.
General Data Protection Regulation (GDPR) What is the 'right to be forgotten'? EU will fine social media firms for failing to remove extremist material
The Directive is also committed to offering victims of non-cash fraud better access to advice and support to limit the consequential damage against them following a cyber attack. Provisions for the exchanging of information between states will also be improved in an effort to close cross-border cases more quickly.
"We are building a safer Europe for our citizens - offline as well as online, and today we deliver on this commitment," said Dimitris Avramopoulos, Commissioner for Home Affairs, Migration and Citizenship. "These new rules will help us crack down on those who steal from our citizens through online fraud, and ensure that our citizens are better protected."
Current EU law governing non-cash payment fraud was drafted back in 2001 so the new law is required to adequately serve today's challenges and technological developments. Since 2001, mobile payments and virtual currencies have become commonplace and such, the law must reflect the criminal demands of today's society. It's also estimated that cyber criminals may be profiting as much as 1.8 billion every year, so the need for new laws has never been greater.
"Strengthening deterrence is crucial to tackling cybercrime -- malicious cyber actors need to know that they face serious consequences," said Julian King, Commissioner for the Security Union. "Today's agreement gives member states a stronger tool to effectively fight online fraud, and provides a forceful disincentive to would-be cyber-criminals."
The Directive will have to be formally approved and adopted by the European Parliament and the Council, and once it is, member states will have up to two years to draft domestic laws which enforce the Directive's rules.
The initial proposal for the updated Directive was featured in President Jean-Claude Juncker's 2017 State of the Union Address and the news follows Monday's agreement on the language of the new EU Cybersecurity Act.
The new Act aims to better support member states with tackling cyber threats and to establish an EU framework for cyber security certification. The framework will deliver technical guidelines for procedures and standards to ensure a high level of cyber security in IoT devices, smart cards and ICT infrastructure. Once approved by the European Parliament an Council, the Act will be drafted into the EU Official Journal and take effect immediately.
-
Bigger salaries, more burnout: Is the CISO role in crisis?In-depth CISOs are more stressed than ever before – but why is this and what can be done?
-
Cheap cyber crime kits can be bought on the dark web for less than $25News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
The IT Pro Podcast: The front line of fraud techIT Pro Podcast With tools such as deepfakes, the future of fraud tech relies on cutting edge AI as much as good security practice
-
Podcast transcript: The front line of fraud techIT Pro Podcast Read the full transcript for this episode of the IT Pro Podcast
-
LAPSUS$ breached T-Mobile systems, stole source codeNews T-Mobile has denied that the hackers obtained customer or government information
-
Exclusive: Former Shiseido staff say company was aware of data breach weeks before official noticeNews Fake companies were created using the stolen identities of hundreds of Shiseido employees, former staff claim
-
What is smishing?In-depth A closer look at one of the most perilous forms of phishing
-
SentiLink raises $70 million for its identity verification platformNews SentiLink’s ID Theft Score helps businesses combat synthetic fraud
-
More than half of businesses saw rising fraud levels this yearNews Each individual identity fraud attempt could cost an organisation between £1,000 and £4,999 on average
-
A simple guide to the dark webWhitepapers Why the continued rise of the dark web is a threat to corporate data and why businesses need to take action
