The American state of Michigan has passed legislation that forbids the possession of ransomware. Last Monday, Governor Rick Snyder signed legislation outlining specific penalties for cyber crimes involving ransomware. It was already forbidden in Michigan to use ransomware.
Cybercriminals in possession of ransomware, with the intention to infect computers and networks without permission, can get a felony penalty of up to three years imprisonment. Under the law, the possession of ransomware by security experts for research purposes is allowed.
The new legislation should make it especially easier for investigators to go after suspected ransomware developers, affiliates and anyone else involved the development and distribution of the malware.
“Cybercrime and tough measures to combat it is a rapidly evolving effort, and it’s integral our law enforcement agencies have the tools to identify, prevent and penalize it,” Governor Snyder said.
Michigan is no stranger to ransomware, the FBI reports that there were over 1,300 infections last year. One incident involved a Michigan utility that was infected with ransomware. The utility paid $25,000 in Bitcoins and reported $2.5 million worth of damage.