Maryland bill would outlaw ransomware, keep researchers from reporting bugs

Enlarge / Sure, this will work. (credit: onathan Newton / The Washington Post via Getty Images)

Remember last May, when Baltimore City was brought to a standstill by ransomware? Hot on the heels of that—in fact, the same day that the ransomware attack was reported—Maryland legislators started working on a bill to fight the threat of ransomware.

The results could use a little more work. A proposed law introduced in Maryland's state senate last week would criminalize the possession of ransomware and other criminal activities with a computer. But while it makes an attempt to protect actual researchers from prosecution, the language of the bill doesn't exactly do much to protect the general public from ransomware or make it easier for researchers to prevent attacks.

The bill, Senate Bill 3, covers a lot of ground already covered by US Federal law. But it classifies the mere possession of ransomware as a misdemeanor punishable by up to 10 years of imprisonment and a fine of up to $10,000. The bill also states (in all capital letters in the draft) that "THIS PARAGRAPH DOES NOT APPLY TO THE USE OF RANSOMWARE FOR RESEARCH PURPOSES."

Read 5 remaining paragraphs | Comments

via Biz & IT – Ars Technica https://ift.tt/2RxdgOx