EXCLUSIVE: Decades-old computer law 'hampering UK's battle against cyber attacks'

Campaigners called for a shake-up of the Computer Misuse Act, warning it was hampering the fight against cyber attacks while costing billions of pounds and thousands of jobs

View Image

Cyber experts bidding to bolster Britain’s web protections are being hampered by outdated laws, campaigners warned today.

They feared the UK was “bleeding cyber expertise”, with thousands of professionals quitting the country to work elsewhere. The CyberUp Campaign urged the Government to “recognise the risk of inaction” and accelerate an overhaul of legislation.

Scores of experts took part in a survey investigating how the 1990 Computer Misuse Act was affecting their attempts to help protect the country against rising cyber attacks. Three out of five believed the legislation “acts as a barrier to their work across areas of threat intelligence and security vulnerability research”, said the campaign. Four out of five claimed the Act put the UK at a competitive disadvantage compared with other countries.

Campaigners said the cyber security industry may have missed out on about £3billion due to a lack of reform. They added: “Further profits will continue to be lost if the Government fails to reform the Act.” The campaign also said 16,850 cyber security professionals “may have been lost to countries with more permissive cyber laws because of the UK’s 30-year-old law governing cybercrime”.

It said the loss was “equivalent to losing two GCHQs worth of talent”. Cheltenham-based Government Communications Headquarters is Britain’s eavesdropping station and includes the National Cyber Security Centre.

Some 34% of respondents “found it extremely or very difficult to compete with non-UK firms and 30% reported losing contracts or customers to non-UK firms due to activities deemed illegal under the Act, potentially resulting in significant economic losses”, said the campaign. Respondents state the “lack of clarity in UK law” was a major concern and many “do not feel confident” undertaking work which could help protect vital infrastructure. The findings come as the Home Office continues to consider reforming the CMA.

The CyberUp Campaign’s Rob Dartnall said the study was “an important reminder of the detrimental impact that the UK’s outdated cyber laws are having on the UK’s cyber resilience”. He added: “The longer we wait for reform, the more we risk bleeding crucial cyber expertise and costing the UK economy billions. Most importantly, we are dangerously exposed to growing cyber threats all because of the lack of political will to legislate for the changes needed. Urgent reform is our shield against cyber threats.”

Conservative MP Flick Drummond said the report should send “a clear and urgent signal, exposing the restrictive impact that the Act is having on the very professionals tasked with defending our businesses, citizens, and national security from the ever-evolving landscape of cyber threats”. She added: “The UK faces unprecedented levels of cybercrime and fraud. As we witness the ever-increasing frequency and sophistication of cyber threats to our computer and personal devices, businesses and critical national infrastructure, it is imperative that we ensure that our legislative frameworks are able to safeguard our nation's cybersecurity.”

A Government spokeswoman said: “Cybercrime is a prevalent threat to the public, businesses and government, and tackling it is at the heart of our National Cyber Strategy. We keep our legislation to tackle offences under constant review to ensure we continue to provide a robust response. A key pillar of the National Cyber Security Strategy is strengthening the UK cyber ecosystem through consistent investment in our people and skills, including by deepening the partnership between government, academia and industry to ensure an innovative and thriving cyber security sector.”