North Carolina General Statutes 143-800. State entities and ransomware payments
(a) No State agency or local government entity shall submit payment or otherwise communicate with an entity that has engaged in a cybersecurity incident on an information technology system by encrypting data and then subsequently offering to decrypt that data in exchange for a ransom payment.
(b) Any State agency or local government entity experiencing a ransom request in connection with a cybersecurity incident shall consult with the Department of Information Technology in accordance with N.C. Gen. Stat. § 143B-1379
(c) The following definitions apply in this section:
(1) Local government entity. – A local political subdivision of the State, including, but not limited to, a city, a county, a local school administrative unit as defined in N.C. Gen. Stat. § 115C-5, or a community college.
Terms Used In North Carolina General Statutes 143-800
- following: when used by way of reference to any section of a statute, shall be construed to mean the section next preceding or next following that in which such reference is made; unless when some other section is expressly designated in such reference. See North Carolina General Statutes 12-3
- Oversight: Committee review of the activities of a Federal agency or program.
- state: when applied to the different parts of the United States, shall be construed to extend to and include the District of Columbia and the several territories, so called; and the words "United States" shall be construed to include the said district and territories and all dependencies. See North Carolina General Statutes 12-3
(2) State agency. – Any agency, department, institution, board, commission, committee, division, bureau, officer, official, or other entity of the executive, judicial, or legislative branches of State government. The term includes The University of North Carolina and any other entity for which the State has oversight responsibility. (2021-180, s. 38.13(a).)