The Obama administration has proposed tough new laws in response to a recent spate of attacks on critical online infrastructure.
In the last few months there has been a spate of high-profile cyber attacks on banking and government institutions like Citigroup, the IMF, CIA, FBI and the US Senate.
Under the proposed law, hackers would face 20 years in prison for endangering national security, 10 years for stealing data and three years for accessing a government computer.
The new law doubles the penalties in existing laws and imposes the same sentences for amateur hackers who do it for fun as for serious data thieves.
It is promising that the government is showing signs of taking this threat more seriously, however the penalties will only be a deterrent if hackers are caught and prosecuted, which can be difficult as the hackers use botnets and server mis-location to cover their tracks. Also, a lot of the more serious attacks have come from outside the country from places like China and Russia where the perpetrators may even be sponsored by the government. Tougher penalties will not matter to these types of hackers.
It would be much more effective to focus on prevention than to pay lip service to the issue by changing laws that are being ignored anyway.