House Passes Bill Inspired by Baltimore Ransomware Attack
(Washington, DC) – The U.S. House of Representatives today passed bipartisan legislation drafted by Congressman C.A. Dutch Ruppersberger and a bipartisan group of lawmakers that authorizes a new federal grant program to help state and local governments protect their networks from cyber attacks. The bill was, in part, inspired by the 2019 ransomware attack on the City of Baltimore that is expected to cost more than $18 million.
State and local governments – which oversee water utilities and electricity, airports, schools, law enforcement, emergency rescue operations, hospitals and more – are already top targets for cyber attacks. The COVID-19 pandemic made things worse, with 2,400 American governments, healthcare facilities and schools falling victim to ransomware attacks last year as more services shifted online and more employees teleworked.
“Cyber criminals know that state and local government is where the rubber meets the road, providing essential services that we all rely on every day,” said Congressman Ruppersberger, who is a former County Executive. “Already, they’ve been able to disrupt medical treatment, remote learning and public transportation in the middle of a pandemic and things will get a lot worse if we don’t take action now. I want to thank my colleagues for supporting this legislation to give state and local governments the resources they need to invest in cybersecurity, protecting citizens and tax dollars.”
H.R. 3138, the State and Local Cybersecurity Improvement Act, establishes a $400 million Department of Homeland Security grant program that incentivizes governments to increase their own cybersecurity funding. Click here to learn more.
Stretched state and local budgets have not adequately funded cybersecurity. Research shows half of all states do not have a dedicated cybersecurity line item in their budget. In fact, most state cybersecurity budgets are less than 3 percent of their overall IT budget and face further cuts due to the pandemic, according to the National Association of State Chief Information Officers. The bill incentivizes governments to invest their own money in cyber protection with a graduating cost-share.