Remote and hybrid work setups have gained popularity in recent years. It’s primarily thanks to the COVID-19 pandemic forcing companies to take their business operations online.
But as companies took more of their businesses online, cybercriminals have also taken notice. Ransomware attacks exploded in number at the height of COVID-19, and incidents continue to rise well into the current post-pandemic period.
You might think that only computer-savvy hackers can perform ransomware attacks. However, not only is ransomware easy to acquire by anyone, but they’re also simple enough to deploy by anyone with working computer knowledge.
Per Michigan law, ransomware attacks are crimes. A person found guilty of computer crimes in the state can face multiple convictions and penalties.
The law on ransomware
According to state law, it’s illegal for anyone to use a computer, program, software or network to commit, attempt to commit, conspire to commit or solicit someone to commit a crime. A criminal charge of using a computer to commit a crime also doesn’t stop a person from being charged with another violation.
This means anyone facing criminal charges for ransomware use could additionally face other charges, such as malicious threats to extort money.
Penalties for computer crimes
A person convicted of using a computer to commit a crime faces penalties based on the underlying crime related to the offense. These penalties include:
- Underlying crime is a misdemeanor or felony with a maximum prison sentence of one year or less: The convicted faces a misdemeanor that’s punishable by up to a year in prison and a maximum $5,000 fine.
- Underlying crime is a misdemeanor/felony, between one and two years of imprisonment: A conviction for computer crime leads to a felony punishable by up to two years in prison and a maximum fine of $5,000.
- Underlying crime is a misdemeanor/felony, between two and four years of imprisonment: The person is guilty of a felony on conviction, which carries up to four years in prison and a maximum $5,000 fine.
- Underlying crime is a felony, between four and 10 years of imprisonment: The person is guilty of a felony on conviction. The penalties include up to seven years imprisonment and a maximum $5,000 fine.
- Underlying crime is a felony, between 10 and 20 years of imprisonment: A conviction leads to a felony on record, with a prison sentence of up to 10 years and a maximum $10,000 fine.
- Underlying crime is a felony, imprisonment for 20 or more years, or life: A person convicted of computer crimes at this level additionally faces a felony conviction, with imprisonment for up to 20 years and a fine capped at $20,000.
Because ransomware involves extortion, the underlying crime for a person charged with using ransomware will be extortion for money. If a criminal charge of extortion leads to a conviction, the person is found guilty of a felony. The conviction carries a 20-year prison sentence and a maximum $10,000 fine. This means a succeeding computer crime conviction starts at the second-to-the-highest level.
In conclusion, ransomware is a crime that can lead to extremely severe punishments. No matter if a ransomware attack wasn’t successful or carried out, even planning a malware attack is a crime according to state rules.
Anyone who thinks they should launch a malware attack against an enemy or former employer should reconsider. And those who face charges will want to build a strong case because decades of prison await them.