A new bill introduced in the Maryland Senate aims to make the possession of ransomware illegal in the state.
Maryland’s ransomware problems
In May 2019, the city of Baltimore experienced its biggest run-in with ransomware. One of the largest municipalities in the city was attacked by ransomware and malicious actors asked for 13 Bitcoins to release their systems. They held the data of the city hostage for about 3 weeks after which the authorities had to pay the cryptocurrency amount and regain access to their systems. This was the second time in one year that the city’s IT infrastructure was attacked.
Now, Democratic State Senator Susan Lee has introduced a new bill that would make the possession of ransomware a crime. However, to protect cybersecurity researchers who may have access to such software, Lee wrote that the crime would be applicable only when a person holds the ransomware with an intent to harm another computer, system or database. Though the bill isn’t enough to stop cryptojacking, it gives legal backing to the prosecutors and law enforcement who get hold of such malicious actors.
Maryland legislation shapes up
Even though cryptojacking and ransomware are two of the biggest threats to computer systems these days, there are very few states in the US that have adequate legislation to deal with them. The growing number of criminal activities in these two sectors has created big problems IT infrastructure operators.
Cybersecurity research firm Proofpoint recently reported that about half of US organizations were victims of phishing and ransomware in 2019. Even though the FBI is trying to ramp up its preparedness to handle cybercrime, they is yet to catch up with the consistently increasing number of victims.
Security researchers pointed out a large number of malware that are being used to operate ransomware attacks. Even the NSA was attacked by hackers called Shadow Brokers who then sold the hacking tools used by the government agency on the dark web. A malware called Robinhood targeted Baltimore. Other prominent malicious software on the market are Wannacry, Ryuk, and Eternal Blue, the NSA’s own tool.