Michigan Governor Rick Snyder signed last Monday two bills into law that criminalize the possession of ransomware. Up to three-year prison sentence, respectively is what you get if you possess any ransomware software. Legislators initially sought a ten years prison sentence but this was knocked down to three years in subsequent deliberations.
The two new laws aka PAs 95 & 96 of 2018 are both based on two bills, HB-5257, and HB-5258 which got introduced last year by Michigan House Representative Brandt Iden, of Oshtemo, and Representative James Lower, of Cedar Lake, respectively. James Lower said he wanted to correct a legislative loophole that only punished cybercriminals for using the ransomware, but not possessing it.
The entire story already started back in 2016, but it took a lot of infections and discussions in order to finally change something and react to the loopholes. The current law was signed in September 2016, but it did not take effect until earlier this week in America’s most populous state.
According to the FBI, ransomware payouts in the United States jumped from $25 million in all of 2015 to over $209 million in just the first quarter of 2016. The numbers increased drastically with each year.
Will this stop Ransomware? Nope, but it might help to reduce the damage and prevents some people from doing it because it’s now officially a crime to deploying ransomware. In my opinion, such things need to be handled a lot quicker but at least we finally got something – well better than nothing, right?
When will become internet tracking a crime? – That would be something too, I mean stalking is already illegal.
- GOV. RICK SNYDER SIGNS LEGISLATION PENALIZING RANSOMWARE CRIMES (michigan.gov)