Company News
Ride the Lightning (RTL) Featured in CloudNine E-Discovery Blog
March 5, 2020
On January 31, Doug Austin of CloudNine featured three Ride the Lightning (RTL) posts in his own blog: “How Many States Have Outlawed Ransomware? You May Be Shocked: Cybersecurity Trends”.
Excerpt: Care to hazard a guess? Ten? Twenty? More? Try TWO. Maryland is currently considering a bill to become only the third state after Michigan and Wyoming, to criminalize the possession and distribution of ransomware.
As noted by Bitdefender’s Hot for Security blog (with hat tip to Sharon Nelson’s Ride the Lightning blog), the bill understandably makes exceptions for penetration testing, security researchers, and other legitimate reasons to own ransomware.
Certainly a motivating factor may have occurred when hackers hit Baltimore, Maryland’s largest city, with a RobbinHood ransomware attack on May 7, 2019. All administrative transactions, payments and communications were frozen after city officials refused to pay the attackers. It took them more than eight weeks to restore all systems. Following the attack, Baltimore City’s board allocated $10 million to an emergency ransomware response to prevent similar attacks. When the dust settled, the city estimated recovery costs at $18 million.
The current law in Maryland specifies that a cyberattack that incurs damages of less than $10,000 is a misdemeanor and carries a punishment of up to five years in prison and a fine up to $10,000. If the damages pass the $10,000 mark, it turns into a felony, and the punishment goes up to 10 years in prison. The bill would dispense with limits for damages and raises the punishment to up to 10 years, even if it’s a misdemeanor.
This while the Insurance Journal reported (via Reuters – hat tip again to Ride the Lightning) last week that U.S. insurers are ramping up cyber-insurance rates by as much as 25% and trying to curb exposure to vulnerable customers after a surge of costly claims. While there were 6% fewer ransomware incidents in 2019 versus the prior year (according to Malwarebytes), the average ransom of $41,198 during the 2019 third quarter more than tripled from the first quarter, according to Coveware, which helps negotiate and facilitate the payments.
By the way, if you remember our post from a couple of weeks ago regarding Apple and Attorney General William Barr’s claim that they weren’t helping to crack into password-protected iPhones used by Pensacola Navy base shooter Mohammed Saeed Alshamrani (Apple, for their part, disputed Barr’s assessment that it failed to provide “substantive assistance”), Naked Security reported that Apple, under pressure from the FBI, backed off plans to let iPhones users have end-to-end encryption on their iCloud backups. Where did I find that out? You guessed it – Ride the Lightning (via Sharon’s post here). It’s the RTL trifecta! :o)