Ransomware Legislation

The Surprising Truth About Ransomware Laws

Imagine there is a person right now with possession of a ransomware malware that is targeting you and your business. Before they get a chance to use it, you discover their scheme and call the authorities. You would think for certain that they would be penalized by the law. And you would be right, but not entirely. If this scenario were to take place in most U.S. states outside of California, Michigan, and Wyoming your hacker would be completely fine in a legal sense. In 2019, ransomware had affected at least 113 state and municipal governments and agencies, 764 healthcare providers, and 89 school districts, with estimated costs of $7.5 billion. One would think that with the large scale of the damage that it has caused, that possession of ransomware would be illegal everywhere. But surprisingly this has not been the case. Only a handful of states including California, Michigan, and Wyoming have deemed possession of ransomware illegal. This means for the vast majority of states in the U.S., it is not a crime for someone to own ransomware. Some states such as Maryland have recently begun to take action against this. This past week it was announced that Maryland lawmakers were introducing a bill that would punish Marylanders who possess ransomware with the intent to use it to cause harm. While this is a good step forward for the state of Maryland in regards to cyber security legislation, we cannot celebrate until every state follows suit.


What Makes Ransomware Dangerous?

Ransomware is an issue that has previously been discussed by us just a few months ago but we continue to see ransomware attacks pop up daily. There seems to be nothing slowing it down with more casualties coming to light. According to Appriver’s quarterly cyberthreat index for businesses, 55% of small and medium sized businesses would give into the hackers demand in a ransomware attack. Even more alarming is the fact that the number jumps to 74% for larger small to medium sized businesses who employ between 150-250 employees. With large success rates such as these, it may be a big indication as to why ransomware is becoming more prevalent. These staggering stats underscore how crucial it is that all states, not just a few, begin to make possession of ransomware illegal because without the legislation, most businesses would go under by meeting hackers’ demands. Currently using ransomware is illegal but as we see with the rising numbers it just is not good enough. In order for businesses to truly feel safer, possession of ransomware must be outlawed completely. Much of the conversation thus far has been on what lawmakers should do when in reality small businesses have some part to play in this battle as well. While most small businesses are the target of these ransomware attacks, they should not rely entirely on laws to benefit them but rather take proactive measures to protect themselves from these attacks. Some of these measures include having consistent back ups and a trustworthy security assessment to ensure a business has a quality cyber security structure. Ransomware may seem daunting at first but we at Tiro Security are here to help.


Why Tiro Security Is The Choice For You

Despite the fact that legislation is tightening on ransomware we are still a while away until ransomware possession is completely illegal everywhere and even then that might not stop foreign actors. In the meantime, Tiro Security is here to minimize your risk of a ransomware attack. We have the experience and knowledge necessary to make sure that you and your business are well informed for future ransomware attacks. For more information and solutions, continue checking out our website or call us at (424) 216-8476.