Computer sabotage

from Wikipedia, the free encyclopedia

In Germany, computer sabotage is an offense in accordance with Section 303b of the Criminal Code ( StGB ) , which is punishable by imprisonment of up to three years, in particularly serious cases up to ten years, or a fine.


Computer sabotage within the meaning of German criminal law is the disruption of a third-party data processing system that is of essential importance for another. In contrast to the previous legal situation, the new Section 303b StGB not only covers the operational area, but also data processing that affects the private area. The amendment to Section 303b of the Criminal Code and the new version of the offense of computer sabotage took place in implementation of the Council of Europe Convention on Cybercrime and the implementation of Framework Decision 2005/222 / JHA of the Council of February 24, 2005 on attacks on information systems (OJ EU No. L 69 p. 67).


According to the last amendment to the 41st Criminal Law Amendment Act to combat computer crime in the version dated August 7, 2007, Section 303b of the Criminal Code reads as follows:

Section 303b computer sabotage

(1) Anyone who significantly disrupts data processing that is of essential importance for another by the fact that he

  1. commits an act pursuant to Section 303a (1),
  2. Enter or transmit data (Section 202a (2)) with the intention of inflicting another disadvantage
  3. a data processing system or a data carrier is destroyed, damaged, rendered unusable, removed or changed,

is punished with imprisonment for up to three years or with a fine.

(2) If it is a question of data processing that is of essential importance for a foreign company, a foreign company or an authority, the penalty is imprisonment of up to five years or a fine.

(3) The attempt is punishable.

(4) In particularly serious cases under subsection 2, the penalty is imprisonment for a term of between six months and ten years. A particularly serious case is usually when the perpetrator

  1. causes a large-scale loss of property,
  2. acts commercially or as a member of a gang that has joined forces to continue to commit computer sabotage,
  3. the act affects the supply of the population with essential goods or services or the security of the Federal Republic of Germany.

(5) For the preparation of a criminal offense according to paragraph 1, § 202c applies accordingly.


Denial of service attacks (DoS, DDoS) are generally regarded as acts according to Section 303b (1) No. 2 StGB. If the attack is triggered by IP spoofing, it is called a Distributed Reflected Denial of Service attack (DRDoS). The use of malware of various types (viruses, worms, Trojans and the like) can regularly meet the alternative of § 303b Paragraph 1 No. 1 StGB.

Criminal complaint

According to Section 303c of the Criminal Code, simple computer sabotage is only prosecuted upon request , unless the law enforcement authority considers ex officio intervention to be necessary due to the special public interest in criminal prosecution. If an application is made, the prosecuting authority will only bring charges if it affirms a (simple) public interest ( Section 376 of the Code of Criminal Procedure). Otherwise, the injured party has the option of filing a private suit ( Section 374 (2) of the Code of Criminal Procedure).

Offenses recorded in the police crime statistics (Sections 303a, 303b StGB)

  Number of offenses ( Sections 303a, 303b StGB )
in Germany (PKS 2004–2008)
2003 1,705
2004 3.130
2005 1,609
2006 1,672
2007 2,660
2008 2,207
2009 2,276

In 2008, a total of 2,207 offenses involving data alteration or computer sabotage were recorded in the German police crime statistics (PKS). The number of cases over the past few years can be seen in the diagram (PKS 2003–2008). In 2009 the PKS recorded 2,276 cases, which corresponds to a rather moderate increase of 3.1% in comparison with the growth in cases of computer crime in the PKS of 17.7%.

In terms of computer crimes, male adult suspects over the age of 21 predominate.

However, the exact extent of the offenses cannot be determined using statistics (police crime statistics, convict statistics, etc.). Due to different recording periods / data, changes in the legal situation in the meantime and other influencing factors, these statistics are not always directly comparable in Germany.

See also


Web links

Individual evidence

  1. Eckhardt: Legal Foundations of IT Security , DuD 2008, 330, 333.
  2. ^ Convention on Cybercrime. In: Liechtenstein Collection of Laws . Retrieved March 27, 2019 .
  3. Gercke: The Development of Internet Criminal Law in 2006 , ZUM 2007, 282, 284.
  4. BGBl . 2007, I, p. 1786f.
  5. Beck OK von Heintschel-Heinegg / Weidemann, § 303b StGB, Rn. 10.
  6. Gröseling, Höfinger, MMR 2007, 626, 627.
  7. ^ Wehner in Heidrich / Forgó / Feldmann: Heise Online-Recht , 1st supplementary delivery 2009, Heise Zeitschriften Verlag, ISBN 978-3-88229-272-5 , C. IV. 10, 11.
  8. Eichelberger: Sasser, Blaster, Phatbot & Co. - everything half as bad? - An overview of the criminal evaluation of computer malware, MMR 2004, 594, 596.
  9. ^ Wehner in Heidrich / Forgó / Feldmann: Heise Online-Recht , C. IV. 12, 13.
  10. ( Memento of the original from April 29, 2011 in the Internet Archive ) Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. BKA Police crime statistics 2008 @1@ 2Template: Webachiv / IABot /
  11. Köppen: Development of computer, ICT and Internet crime in 2009 , DuD 2010, 771, 772.
  12. cf. so also the note from Gercke: The development of Internet criminal law 2009/2010 , ZUM 2010, 633, 640.