Test Drive Our New Site! We have some improvements in the works that we're excited for you to experience. Click here to try our new, faster, mobile friendly beta site. We will be maintaining our current version of the site thru the end of 2024, so you can switch back as our improvements continue.
Legislation Quick Search
Advanced Search
Pennsylvania State Senate
04/24/2024 10:19 AM
Pennsylvania State Senate
https://www.legis.state.pa.us/cfdocs/Legis/CSM/showMemoPublic.cfm?chamber=S&SPick=20190&cosponId=31392
Share:
Home / Senate Co-Sponsorship Memoranda

Senate Co-Sponsorship Memoranda

Subscribe to PaLegis Notifications
NEW!

Subscribe to receive notifications of new Co-Sponsorship Memos circulated

By Member | By Date | Keyword Search


Senate of Pennsylvania
Session of 2019 - 2020 Regular Session

MEMORANDUM

Posted: March 10, 2020 01:20 PM
From: Senator Kristin Phillips-Hill
To: All Senate members
Subject: Commonwealth Ransomware Act
 
In the near future I will introduce legislation to ensure Commonwealth agencies have strong capabilities in place to discourage, combat and recover from ransomware attacks. These capabilities include measures to make illegal the possession, use, or transfer of ransomware, as well as prohibiting agencies from payment of ransom. Additional measures will help restore systems and captured information quickly, and provide timely public notification of such attacks.

Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid. The software locks the user out of their files or their device, then demands an anonymous online payment to restore access.

Ransomware attacks nearly doubled in the past 2 years (source: Phishme). While most ransomware attacks are not reported in the news, in 2019 at least 966 U.S. government agencies, educational establishments and healthcare providers experienced ransomware attacks at a potential cost in excess of $7.5 billion. The impacted organizations included 113 state and municipal governments and agencies, 764 healthcare providers and 89 universities, colleges and school districts, with operations at up to 1,233 individual schools potentially affected.

A small sample of the impacts from these ransomware attacks include medical records were inaccessible and, in some cases, permanently lost; surgical procedures were canceled, tests were postponed and admissions halted; schools closed; students’ grades were lost; 911 services were interrupted; police were locked out of background check systems and unable to access details about criminal histories or active warrants; surveillance systems went offline; badge scanners and building access systems ceased to work; property transactions were halted; websites went offline; online payment portals were inaccessible; email and phone systems ceased to work; driver’s licenses could not be issued or renewed; and payments to vendors were delayed. (Source: EMSISOFT Malware Lab)

This legislation will discourage ransomware attacks by eliminating financial incentives for extortion, reducing the duration of disruption to our agencies’ services, and expanding prohibited acts subject to prosecution.

Please join me in cosponsoring this important legislation.