Chapter 7D of the General Laws is hereby amended in Section 7 by adding the following subsections:-
(e) No State agency, local government entity, or municipality shall submit payment or otherwise communicate with an entity that has engaged in a cybersecurity incident on an information technology system by encrypting data and then subsequently offering to decrypt that data in exchange for a ransom payment.
(f) Any State agency or local government entity experiencing a ransom request in connection with a cybersecurity incident shall report to and consult with the CIO.
The information contained in this website is for general information purposes only. The General Court provides this information as a public service and while we endeavor to keep the data accurate and current to the best of our ability, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk.