Hackers who infiltrate computers and render them unusable until a ransom is paid could be charged with extortion in California under a new state law.
Gov. Jerry Brown on Tuesday signed legislation intended to arm prosecutors with clear legal authority to go after criminals who illegally access and hold hostage a computer or network in exchange for payment.
“Unfortunately, we’ve seen a dramatic increase in the use of ransomware,” bill author Sen. Bob Hertzberg, D-Van Nuys, said in a news release after the governor signed the bill. “This bill treats this crime, which is essentially an electronic stickup, with the seriousness it deserves.”
Hertzberg’s bill, SB 1137, updates the state penal code and classifies ransomware as felony extortion, which carries up to a four-year jail term and a fine of up to $10,000.
In the last few years, hospitals, governments and private companies in California have been increasingly confronted with so-called ransomware attacks — their computers and networks shuttered by hackers demanding payment. Hackers have stolen passwords and gained access to bank accounts or other private or sensitive information.
FBI statistics show ransomware payments skyrocketed to more than $209 million in in the first three months of 2016 compared to $25 million for all of last year, according to Hertzberg’s office.
Los Angeles County District Attorney Jackie Lacey, who sponsored the bill, said ransomware can be “immensely costly and terrifying to victims whose data is held hostage.” She warned such attacks also threaten public safety when hackers target hospitals, fire and rescue.
