The Serious Nature of Ransomware
Ransomware is a particular type of malware (software designed to disrupt, damage, or gain unauthorized access to a computer system). It uses encryption to hold the victim’s information at ransom. With critical data encrypted, the user or organization cannot access its databases, files, or applications. Then a ransom is demanded to restore access, from which the term ransomware derived.
Ransomware attacks are becoming more common and more sophisticated in the U.S. Consequently, penalties for these attacks under federal law are becoming more severe.
How Does Ransomware Work?
Often, ransomware is designed to spread across networks, targeting databases and file servers. It can quickly paralyze an entire organization. Ransomware uses asymmetric encryption, as stated by McAfee, a method that uses a public-private pair of keys to encrypt and decrypt a file. The attacker generates the pair of keys uniquely for the victim. The private key, which is used to decrypt the victim’s files stored on the attacker’s server, is only made available after the ransom has been paid.
There are countless variations of ransomware. It is often distributed through email spam campaigns or with targeted attacks. Once the victim’s files are encrypted, the ransomware prompts the victim to pay the ransom within 24 to 48 hours to decrypt the files, or they will be lost forever. Without a data backup that is not encrypted, the victim may have no other alternative than to pay the ransom.
What are the Federal Laws Concerning Ransomware?
Cybercrime, including ransomware, is growing rapidly in the U.S. Federal laws have been enacted to address this growing threat to businesses, medical facilities, and governmental agencies. Although there is no federal law that specifically addresses ransomware attacks, law enforcement relies on specific federal laws to bring ransomware charges.
- Computer Fraud and Abuse Act (CFAA): Most ransomware cases in the U.S. are investigated by the FBI and prosecuted under CFAA, which is found at 18 U.S. Code Section 1030. The Computer Fraud and Abuse Act is broadly used by prosecutors against defendants who transmit programs, information, command, or code to a computer system or network to cause damage. It requires evidence of intent to cause harm or damage, which protects individuals who unknowingly and unintentionally spread ransomware.
- Electronic Communications Privacy Act (ECPA): The Electronic Communications Privacy Act of 1986 (18 U.S. Code Sections 2510-2523) is an amendment to the federal wiretapping act. This law targets interception and corruption of communications sent or stored electronically. ECPA can be used by prosecutors in ransomware cases.
What are the Penalties for Ransomware?
Penalties for the conviction of offenses under the federal Computer Fraud and Abuse Act can be severe. You may be facing a fine, imprisonment for not more than 10 years, or both for a first offense. A conviction with a second offense carries a prison sentence of not more than 20 years, fines, or both.
How do you Beat Ransomware Charges?
If you have been charged with a crime related to release, implementation, or spread of ransomware, your best course of action is to consult with an experienced lawyer right away. Cybercrimes such as ransomware carry heavy penalties under federal law. After a thorough investigation of your case and a review of the evidence against you, your attorney can challenge the prosecution’s evidence and raise every available defense to obtain the best possible outcome for you.
Why Choose Us?
At Werksman Jackson & Quinn LLP, we specialize in handling matters of great personal consequence with the utmost discretion. Our firm has a proven track record of resolving issues quickly and quietly. Attorney Mark Werksman is well-known for his federal defense work. We offer a free initial consultation. If you are facing ransomware charges, call us today at (213) 688-0460.