ROME (Reuters) – Italy’s government is set to propose tougher jail terms for cybercrime and stricter disclosure rules for public bodies that come under attack from hackers, according to a draft law seen by Reuters on Wednesday.
The bill, set for discussion at a cabinet meeting on Thursday, comes after repeated instances of ransomware and other cyber attacks against Italian ministries, banks, local health authorities and other public institutions.
It raises penalties for breaking into IT systems to between two and 12 years, depending on whether it is done with the use or threat of force, whether public officials are involved and whether national security or the public interest is under threat.
The current legislation sets jail terms of between one and eight years.
The new law, which will need parliamentary approval to enter into force, stiffens jail terms for other cyber offences, but adds that cybercriminals who cooperate with police can expect a reduction of up to two-thirds in their sentence.
It also introduces an obligation for public bodies attacked by hackers to report the incident to the National Cybersecurity Agency within 24 hours, and to adopt security fixes the agency recommends within 15 days, or else face the risk of fines.
The draft bill follows other laws that have raised jail terms for various types of crimes, including organising rave parties, as part of Prime Minister Giorgia Meloni rightist government’s tough approach to law and order and security.
(Reporting by Giuseppe Fonte and Alvise Armellini, editing by Keith Weir)