Lawmakers in Maryland are debating a new bill that would make it illegal to own and distribute ransomware. Maryland would be the third state, after Michigan and Wyoming, to criminalize the possession and distribution of ransomware. The bill makes exceptions for penetration testing, security researchers, and other legitimate reasons to own ransomware. If the bill becomes law, using ransomware would be classified as a misdemeanor and carry a penalty of up to ten years in jail and/or a fine up to $10,000.”]