Britain’s anti-hacking laws are outdated and placing the country’s cybersecurity at risk, according to a new report released Wednesday.

The Computer Misuse Act 1990 is now 30 years old and must be updated, according to the Criminal Law Reform Now Network (CLRNN), a group of academics from Birmingham and Cambridge universities that specializes in legal reform projects.

CLRNN said current cybercrime laws are “preventing cybersecurity professionals from carrying out threat intelligence research against cybercriminals and geopolitical threat actors,” which is “leaving the U.K.’s critical national infrastructure at increased risk.”

The law is meant to criminalize cyberattacks such as malware

Read more: Outdated laws put UK's cybersecurity at risk: report