SENATE DOCKET, NO. 2020        FILED ON: 1/17/2025

SENATE  .  .  .  .  .  .  .  .  .  .  .  .  .  .  No.         

 

The Commonwealth of Massachusetts

_________________

PRESENTED BY:

Paul W. Mark

_________________

To the Honorable Senate and House of Representatives of the Commonwealth of Massachusetts in General
Court assembled:

The undersigned legislators and/or citizens respectfully petition for the adoption of the accompanying bill:

An Act protecting against cyber ransom.

_______________

PETITION OF:

 

Name:

District/Address:

Paul W. Mark

Berkshire, Hampden, Franklin and Hampshire


SENATE DOCKET, NO. 2020        FILED ON: 1/17/2025

SENATE  .  .  .  .  .  .  .  .  .  .  .  .  .  .  No.         

[Pin Slip]

 

[SIMILAR MATTER FILED IN PREVIOUS SESSION
SEE SENATE, NO. 35 OF 2023-2024.]

 

The Commonwealth of Massachusetts

 

_______________

In the One Hundred and Ninety-Fourth General Court
(2025-2026)

_______________

 

An Act protecting against cyber ransom.

 

Be it enacted by the Senate and House of Representatives in General Court assembled, and by the authority of the same, as follows:
 

SECTION 1. Chapter 7D of the General Laws as appearing in the 2022 Official Edition is hereby amended in Section 7 by adding the following subsections:-

(e) No State agency, local government entity, or municipality shall submit payment or otherwise communicate with an entity that has engaged in a cybersecurity incident on an information technology system by encrypting data and then subsequently offering to decrypt that data in exchange for a ransom payment.

(f)   Any State agency or local government entity experiencing a ransom request in connection with a cybersecurity incident shall report to and consult with the CIO.