Security News > 2020 > January > New York wants to ban taxpayer-funded ransomware payments
New York state senators have proposed two bills that would require government agencies to tell ransomware attackers to get lost.
We've seen mayors in US cities resolve to eschew paying ransom to get their systems back from attackers, but New York is the first state to make a move in that direction - and to back it up with actual legislation.
In its resolution, the mayors cited at least 170 county, city, or state government systems that have experienced a ransomware attack since 2013, with 22 of those attacks having occurred in 2019 alone, including the cities of Baltimore; Albany, New York; and the counties of Fisher, Texas and Genesee, Michigan.
Ransomware attacks against state and local governments, while on the rise, are underreported - largely because there's no requirement that forces governments to do so.
1) What happens if a NY-based municipal hospital is attacked, and the downtime causes the loss of life that could have been avoided if they were allowed to pay? 2) Are the state's municipal organizations adequately staffed and budgeted with plans, backup systems, and security programs to effectively repel and recover from an attack without creating material interruption to civic operations?