North Carolina just passed a law prohibiting state and local governments from paying ransom to hackers who encrypt their computer systems; other states could follow suit. That could put rural governments at a disadvantage, since they are often more vulnerable to cyberattacks.
State and local agencies and governments in North Carolina may not pay or even communicate with hackers, according to the new law. "Rather than communicate with attackers, agencies must consult with the Department of Information Technology as described in this statute, which requires reporting cybersecurity incidents to the DoIT within 24 hours. Private sector entities are encouraged, but not required, to report cybersecurity incidents to the state’s IT department," Susan Miller reports for Route Fifty. Other states, including New York and Pennsylvania, are considering similar laws.
"According to a National Law Review article, lawmakers in North Carolina and Pennsylvania have suggested that hackers will have no financial incentive to attack agencies that are prohibited from paying ransoms and will look for victims in other states," Miller reports. "This strategy would put under-resourced agencies at a disadvantage, the article suggested, as they may be unable to restore or rebuild their systems after an attack."
No comments:
Post a Comment