Should it be enacted, SB1740 will impose significant operational constraints on governmental units during cybersecurity incidents. The requirement for a Governor’s proclamation introduces a centralized decision-making process regarding the deployment of public funds for recovery efforts. This not only enhances oversight of government spending but also compels governmental units to act more judiciously when faced with ransom demands, encouraging them to bolster their cybersecurity measures to avoid such situations. Furthermore, the act restricts the ability of home rule units to authorize payments that are inconsistent with the new regulations, thereby limiting their decision-making authority on this critical issue.
SB1740, known as the Ransomware Attack Act, aims to regulate how governmental units in Illinois respond to ransomware attacks. Under this proposed legislation, governmental entities—including the State itself and local governmental units—are prohibited from using public funds to pay for the recovery of their computer systems after a ransomware incident unless they receive explicit authorization from the Governor. This authorization can only be granted through a disaster proclamation, which must declare the ransomware attack a disaster under the Illinois Emergency Management Agency Act. In addition, the bill mandates that any ransomware attack must be reported to the Department of Innovation and Technology within 24 hours of discovery.
The bill has sparked discussions regarding the balance of power between state and local authorities. Critics may argue that requiring a disaster proclamation for recovery payments could lead to delays in responding to ransomware attacks, thus exacerbating the damage incurred. Additionally, the limitations on home rule powers raise concerns about local governance and the state’s ability to micromanage responses to cyber incidents. Supporters, however, contend that a unified approach reduces the risk of taxpayers' money being used irresponsibly and promotes a more coherent state-wide response to cybersecurity threats.