Senate Passes Legislation Targeting Cyber Terrorism

The New York State Senate today passed four bills to crack down on cyber terrorism and its rapidly expanding threat to the state’s security and finances. The legislation, sponsored by Senator Thomas Croci (R, Sayville), would enact tougher penalties for cyber-related crimes, create cyber security programs to identify potential risks and threats, and require the state to perform a comprehensive review of all its cyber security measures every five years. 

Senator Croci said, “Computer security breaches are one of the most serious threats to our national defense, our state’s homeland security, and the personal privacy of every New Yorker. These bills increase penalties for cyber crimes, help protect the vital information of private citizens, and provide a framework to make New York State’s computer infrastructure the most secure in the nation. New Yorkers live every day with the knowledge that we are a primary target for terrorism, including computer-based terrorism. They should be equally confident in our capacity to overcome these challenges.” 

The Senate passed legislation (S3407) that would establish the New York State Cyber Security Initiative to ensure that the state has a proper cyber security defense system in place. It includes:
> The New York State Cyber Security Sharing and Threat Prevention Program to increase the state’s quality and readiness of cyber threat information that will be shared with the public and private sectors; 
> A New York State Cyber Security Critical Infrastructure Risk Assessment Report to seek recommendations from experts to identify security threats facing the state, its businesses, and its citizens, as well as develop effective ways to combat these security threats; and
> The New York State Cyber Security Advisory Board, which assists the state in making recommendations and finding ways to protect its critical infrastructure and information systems, being codified into law. 
 
Also approved by the Senate today was a bill (S3404) that would create new penalties for cyber crimes. Under the measure, it would be a Class A felony for any person found guilty of intimidating, coercing, or affecting the public or a government entity by causing mass injury, damage, or debilitation of people or their property, including computers and related programs, data networks, or material. A new Class C felony would include anyone who uses a computer to cause serious financial harm affecting more than 10 people. 

Additional legislation (S3406) would make it a Class B felony for those who use a computer or device to carry out a cyber attack when such an attack causes financial harm in excess of $100,000 to another person, partnership, or corporation, individually or collectively.

The Senate also passed a measure (S3405) that would require the Division of Homeland Security and Emergency Services to work with the Superintendent of State Police, the Chief Information Officer, and the President of the Center for Internet Security to complete a comprehensive review of New York’s cyber security measures every five years, and create a sequential report to summarize its findings. The report would identify the state’s security needs and detail how those needs are being met to ensure that the best security practices are in place to protect New Yorkers from cyber terrorism.

The bills will be sent to the Assembly.