Bill creating standard procedures before paying hackers gets House committee nod

Cybercrimes and Corporate Espionage
Bill is less absolute than another bill in the House that would prohibit paying hackers at all.

A bill advanced Tuesday to require local governments to go through a checklist — including reports to law enforcement — before paying hackers for hijacked data.

The Committee on Military and Veterans Affairs, Space and Domestic Security approved Sen. Travis Hutson’s proposal (SB 1670). The bill is not so strict as other legislation (PCB Sat 22-02) forbidding paying hackers’ demands altogether.

Instead, it outlines training certain government employees should have and requires local governments to have a cybersecurity plan.

“This bill deals with the importance of being on top of and training for cybersecurity attacks, which are very prevalent and ever-increasing means by which our adversaries around the globe seek to gain information and also sabotage our systems within our country,” said Sen. Danny Burgess, who stood in place of Hutson to introduce the bill.

A rising wave of hackers is using ransomware to target government entities.

The city of Riviera Beach agreed to a $60,000 ransom payment to regain data access in 2019. The Broward County schools refused to pay a $40 million ransom demand and had some 26,000 files stolen from district servers posted online last April. The city of Pembroke Pines was hit with one last month that disabled the city’s systems. And in late 2021, Broward Health, one of the county’s two health care authorities, also had a breach that exposed patients and employee data.

This bill directs the Florida Digital Service to create a checklist for local governments to consider before paying out. Payouts would not be allowed until both the Florida Digital Service and local law enforcement are informed about the ransom demand.

Sen. Gayle Harrell called it an area that has been neglected.

“This is a step in the right direction,” Harrell said, “but we have a very long way to go in the state of Florida to truly address this.”

She noted that the bill does not explicitly include school district and constitutional officers that she believes absolutely need to be included.

Harrell added: “I … hope we can help it get better.”

Anne Geggis

Anne Geggis is a South Florida journalist who began her career in Vermont and has worked at the Sun-Sentinel, the Daytona Beach News-Journal and the Gainesville Sun covering government issues, health and education. She was a member of the Sun-Sentinel team that won the 2019 Pulitzer Prize for coverage of the Parkland high school shooting. You can reach her on Twitter @AnneBoca or by emailing [email protected].


One comment

  • Old Voter

    February 8, 2022 at 7:36 pm

    But what happens when the hacker also demands the state procedure be ignored, or records will be destroyed?

Comments are closed.


#FlaPol

Florida Politics is a statewide, new media platform covering campaigns, elections, government, policy, and lobbying in Florida. This platform and all of its content are owned by Extensive Enterprises Media.

Publisher: Peter Schorsch @PeterSchorschFL

Contributors & reporters: Phil Ammann, Drew Dixon, Roseanne Dunkelberger, A.G. Gancarski, Ryan Nicol, Jacob Ogles, Cole Pepper, Jesse Scheckner, Drew Wilson, and Mike Wright.

Email: [email protected]
Twitter: @PeterSchorschFL
Phone: (727) 642-3162
Address: 204 37th Avenue North #182
St. Petersburg, Florida 33704