As the ‘Information Society’ emerges, the European economy and its citizens have become dependent on computers and communication networks. However, with the ravages of the viruses MyDoom and MS Blaster still being felt around the world, the vulnerability of computer systems and networks to criminal crime, as well as potentially terrorist activity, is still fresh in our minds. There is no agreed definition of what constitutes a ‘computer crime’. A computer may constitute the instrument of the crime, such as in murder and fraud; the object of the crime, such as the theft of processor chips; or the subject of the crime, such as ‘hacking’ or ‘cracking’. The involvement of computers may challenge traditional criminal concepts, such as fraud, as well as facilitating particular types of crime, such as child pornography. This article is concerned with the computer as the subject of the crime and with laws that have been established to specifically address activities that attack the integrity of computer and communications networks, such as the distribution of computer viruses. This article examines various initiatives to harmonise substantive criminal law to address the threat of computer integrity crimes, focusing specifically on a draft Council Framework Decision on ‘attacks against information systems’. Consideration is given to the impact the Decision may have when transposed into UK law, through an amendment of existing legislation, the Computer Misuse Act 1990.