Slashdot Mirror

← Back to Stories (view on slashdot.org)

New California Law Finally Makes Ransomware Illegal

Posted by msmash on from the enough-already dept.

Reader Trailrunner7 writes: It was nice to see the calendar turn over to 2017, for a lot of reasons, not the least of which is that on Jan. 1 a new law went into effect in California that outlaws the use of ransomware. The idea of needing a new law to make a form of hacking illegal may seem counterintuitive, but ransomware is a case of criminals outflanking the existing laws. Ransomware emerged in a big way a few years ago and the law enforcement community was not prepared for the explosion of infections. While there have been takedowns of ransomware gangs, they often involve charges of money laundering or other crimes, not the installation of the ransomware itself. In September, California Gov. Jerry Brown signed into law a bill that made the use of ransomware a crime, essentially a form of extortion. The law went into effect on Jan. 1.

5 of 128 comments (clear)

  1. I still don't get it. by gfxguy · · Score: 4, Insightful

    How was it NOT extortion before the law?

    --
    Stupid sexy Flanders.
    1. Re: I still don't get it. by bondsbw · · Score: 3, Insightful

      Isn't it? If "ransomware" is a superset of "ransomware programmed on a Tuesday yada yada", then surely "extortion" includes "extortion via ransomware" .

      --
      All my liberal friends think I'm a conservative, all my conservative friends think I'm a liberal.
  2. Outflanked the law? by wbr1 · · Score: 4, Insightful
    I do not know california code, but I imagine installing and running software without permission is already illegal, as is unauthorized use of a system and destruction of data. Not to mention fraud.

    So.. do we really need another law? For something that is largely coming from out of the country and is unlikely to result in a prosecution except MAYBE at the federal level?

    --
    Silence is a state of mime.
    1. Re:Outflanked the law? by wbr1 · · Score: 3, Insightful

      Software installed through deception is NOT installed with permission. This is computer fraud 101. Sure the operation can bypass system restrictions at any time, but actual permission lies with the user or owner, and software installed through fraudulent means such as deception, zero-days etc is still illegal should not be considered as having been granted owner/operator permission.

      --
      Silence is a state of mime.
  3. Wonderful. Glad that won't we an issue anymore by NotARealUser · · Score: 3, Insightful

    If it were only so simple... This does nothing to actually prevent ransomware.

    At least the good people of California can cite a specific law instead of the broader extortion laws when they are victimized. I really think there is no point to this law. It has no means to solve the ransomware issue, it simply makes a specific case out of something that was already illegal.