Susan Lee's (D-Montgomery) bill redefines a ransomware attack as a stand-alone felony in a case where the intent is to extort money, property, or anything of value from another. If passed those convicted would face a possible 10-year prison sentence and a fine up to $10,000. The proposed law would lower the standard of what is considered a felony to include extortion attempts of less than $1,000, according to NBCWashington.
Ransomware attacks are now handled under Maryland's extortion statute, under which criminals can be charged with either a misdemeanor carrying a maximum 18-month sentence and up to a $1,000 fine or as a felony with a possible $25,000 fine and 25 years in prison.
Several Maryland health care facilities were hit with Samsam ransomware last year.