Two states senators, Republican Senator Phil Boyle and Democrat Senator David Carlucci have both proposed bills S7246 and S7289 respectively to stop municipalities and the government from using tax payers money to pay Ransomeware to hackers and cyber-hijackers.
Ransomeware is an emerging form of malware that locks the user out of their files or their device, then demands an anonymous online payment to restore access.
While it is not advisable to pay ransomware, many people and government around the world are still pressured into tight situations forcing them to pay up and since no law restrains it everyone just pays.
These two senators have taken it upon themselves to push for the enactment of a law prohibiting both government and municipalities from paying ransomware.
Both are under review and while both bills contain very similar texts and it is unclear which bill will pass one bill however S7246 also proposes creating a state fund to aid local municipalities in improving their cybersecurity posture:
“The Cyber Security Enhancement Fund that will make available grants and financial assistance to villages, towns, and cities with a population of one million or less for the purpose of upgrading the cyber security of their local government.”
Back in July 2019 the US Conference of Mayors unanimously adopted a resolution not to pay any ransom demands after being infected by ransomware. However, the resolution was as good as a handshake deal between parties with no substantial effort made towards legalising it.
The move by the two senators represent the first time any real move is being made towards the legalization of the decision that was made in July.
The move will encourage the locals, businesses and other organisations to resist cyber-criminals seeing that the law in a way insulates them from further attempts to block them from their systems.
The point is that since more individuals than not will choose to steer on the side of the law, cyber-criminals will be left thinking twice before blocking locals from their files. That’s not say that other criminal activities besides holding people to ransomeware could not be carried out but one thing is sure, the ransomware route is about to become unprofitable.