spread of ransomware

Maryland outlaws ransomware, calls for statewide security strategy

While state and local governments have been no strangers to cyberattacks, the ransomware attacks in Baltimore pushed the issue to the top of Maryland legislators priority list. In 2019, a ransomware attack on Baltimore City in 2019 made systems unavailable for weeks, disrupting city services. In November 2020, the Baltimore County public schools’ IT systems were hit.

On Oct. 1 two new laws went into effect:

  • SB623 prohibits the knowing possession of ransomware with intent to use. It also intentionally interrupting or impairing the functioning of a state agency, electricity or natural gas or other public service company, health care facility or a public school – with the exception of legitimate security researchers. Convicted persons will be subject to fines, jail time and civil suits.
  • SB049 calls for the secretary of the Department of Information Technology (DoIT) to oversee a consistent cybersecurity strategy for state agencies and public universities and develop security guidance for local governments, school systems and other political subdivisions.

The two measures “go hand-in-hand,”  Sen. Susan Lee, (D-Montgomery), who sponsored both bills, told the Baltimore Sun.  “A lot of the ransomware attacks have been on localities and on city governments, on hospitals and critical infrastructures. At least we are taking a first step in addressing these cyberattacks against our localities.”

DoIT has already posted guidance on response and recovery planning and IT certification policies for state agencies. It also offers security awareness training and a managed firewall service for state as well as county and municipal governments. 

About the Author

Connect with the GCN staff on Twitter @GCNtech.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/Shutterstock.com)

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected