REDDING >> Perhaps the most ominous part of cybercrime is the fact that those responsible for attacks are often tough if not impossible to track down. This makes arrests and prosecution for these crimes downright unfeasible. Lawmakers in California are trying to tackle this problem head on by targeting an especially malicious and sophisticated form of cyber-attack called ransomware.
Ransomware attacks involve criminals encrypting stolen data and demanding a high-priced ransom just to regain access. Ransomware attacks take hold of data when a user clicks on a malicious link or opens an infected email. If data isn’t backed up properly, businesses and individuals are left with no other option but to fork over digital cash directly to criminals to decrypt their data. The hard to trace attacks can originate from anywhere in the globe, and California businesses have felt the increasing burn of ransomware for years. Perhaps the most recently notable case was that of The Hollywood Presbyterian Medical Center. After being targeted by cyber criminals, the hospital was forced to have $17 000 exchanged for digital bitcoin currency and pay off the criminals to regain access to critical patient data.
Without a particular law to criminalize ransomware, prosecutors have been forced to try and prosecute ransomware cases using existing legal sanctions around computer fraud and extortion threats.
Cyber experts from Apex Technology Management believe that implementing specific ransomware criminal sanctions is a necessary step in getting on top of such a tricky issue.
“Putting a particular, severe law in place is undoubtedly a positive step.” Apex Technology Management’s Director of Sales & Marketing, George Passadakis says. “Criminalization won’t solve the problem completely, but it does send the message to cyber criminals that the state is taking this kind of malicious activity seriously.”
Under the new legislation, ransomware cyber-criminals who are caught would face up to four years in prison and a hefty $10 000 fine. While the law would provide prosecutors with resources and tools they didn’t have before, it is by no means a perfect solution or a fool-proof form of protection for business owners.
“The bottom line is, companies need to be informed and vigilant with or without a ransomware law.” Passadakis continues. “Staying alert and invest in a layered security solution combined with an efficient and monitored backup solution is truly the best approach to preventing ransomware attacks altogether or responding to them correctly when they do occur.”
