State Rep. Donni Steele on Friday called for legislative action to address ransomware attacks against Michigan hospitals. McLaren Health Care, which manages 13 hospitals across Michigan, confirmed this week that an ongoing criminal cyber-attack is affecting patient services.
Steele, R-Orion Township, said lawmakers should enhance the penalties for waging ransomware attacks and improve partnerships with local law enforcement to better respond to ransomware. Currently, the maximum penalty for hacking into a computer system in Michigan is only up to five years in prison. The maximum penalty for possessing ransomware is up to three years in prison.
“It’s unacceptable that criminal gangs who maintain a stranglehold over health care services for our communities face only five years in prison if they’re caught,” said Steele, who is a proud partner with local law enforcement and has been a champion against crime at all levels. “These attacks disrupt medical treatment for people in need. No cancer patient or expecting mother should have to worry about cyber criminals when seeking care at a local hospital.”
Ascension – which operates hospitals nationwide, including several in southeast Michigan – faced a similar ransomware attack earlier this year. The attack spanned two months before the hospital network could begin to resume normal operations. UnitedHealth Group paid $22 million in ransom as part of another incident.
“Lax punishments for ransomware attacks are opening the door for these criminals to target people and businesses in Michigan,” Steele said. “Clearly, this threat is not going away. This is the second devastating attack this year alone. Lawmakers cannot just sit on the sideline and hope everything works out. We must take a wholistic approach and ensure the state and federal government is partnering with local law enforcement to combat these threats. We need to guarantee police have whatever resources they need to protect our health care system.”
McLaren Health Care officials said the ransomware attacks have led to limited access to internal systems, resulting in non-emergency appointments, tests, and treatments being rescheduled. Staff didn’t confirm whether patient data had been compromised as part of the attack.
###
© 2009 - 2024 Michigan House Republicans. All Rights Reserved.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.