3 States Working to Criminalize Ransomware Attacks

Unless you have disconnected yourself from all forms of media, you have probably read, seen and heard about cybercrime being on the rise in the United States and across the world. Whether for political or financial reasons, or just to prove they can, cybercriminals have actively targeted an array of industries and deployed a number of cyberattacks that have rocked small businesses.

Cybercriminals don't care who you are or what you do; once you're on their list, it's only a matter of time before you're hit. Guard your company's finances and reputation with cyberattack insurance.

And to really work to deter cybercriminals, think about contacting your congressman about drafting cybercrime legislation-three states already have: California, Maryland and Wyoming. Let's take a closer look at what these states are doing to combat cybercriminals and protect their hard working constituents.

California-SB-1137
The second state in the U.S. to criminalize ransomware attacks, California decided to take action against cybercriminals after a cybercrime ring targeted the Hollywood Presbyterian Medical Center. By deploying a ransomware attack, the hackers shut down hundreds of computer systems, forcing hospital staff to transcribe the daily goings-on for a couple of days.

Demanding a $3.6 million ransom for the computers to go back online, the hospital paid $17,000. Satisfied with the payment, hospital staff were able to connect once more.

Realizing that the health industry (and many others) are vulnerable to attacks, California lawmakers set themselves to the task of drafting and passing a law that would criminalize cybercrime. Approved by Governor Jerry Brown in September 2016 and made law in early January, California's new law (co-sponsored by TechNet and Los Angeles County District Attorney Jackie Lacey) details that if an individual is or is found to have been involved in a ransomware attack they "will be convicted of a felony and could be imprisoned up to four years."

Maryland-Bill in Process
Similar to California, Maryland's healthcare system has found itself in the cybercriminal's crosshairs. After several Maryland hospitals were hit by devastating ransomware attacks in 2016, Senator Susan Lee, D-Montgomery, has drafted a bill that outlines that perpetrators of a ransomware attack who extort less than $1,000 will be charged with a felony count. The penalty if found guilty could result in a $10,000 fine and a 10-year prison sentence.

To top it off, the bill also grants victims of a ransomware attack to sue the hacker for damages in civil court. By designing a bill with such severe penalties for cybercrime, Maryland lawmakers are hoping to deter hackers who would otherwise have targeted innocent parties.

Wyoming-W.S. 40-13-501, S.F. 35 and S.F. 36
In 2014, Wyoming lawmakers passed a law (the first in the country to do so) criminalizing cyberattacks. If a user was caught infecting systems with ransomware, they would face prison time and would pay a fine of thousands of dollars.

In 2015, Wyoming went a step further and signed two more bills into law that required affected parties of a cybercrime to share their findings with their clients or patients. If any type of identifiable personal information was stolen, including usernames, email addresses, birth certificates, wedding certificates, etc. they were to immediately notify all effected parties. If they did not, they too could land themselves in trouble.

If it's found that your organization did not take the proper steps to protect business affiliates, you could find yourself in court along with the cyberattacker. A small business insurance package coupled with cyber insurance will protect you after you've been hit by an attack and will cover you should you be taken to court.

What are you waiting for? Sign-up for an insurance plan with CyberPolicy today.

© 2016-2020 CyberPolicy, Inc. All rights reserved. CyberPolicy®, "Plan. Prevent. Insure."™, and "CyberCheckup"™ are trademarks of CyberPolicy, Inc.
DBA: CyberPolicy Insurance Solutions CA License No. 0L13180
DBA: CoverHound Insurance Solutions CA License No. 0H52375