Murder, she wrote: Ex-FBI chief wants some ransomware crims charged with homicide

Lawmakers decry CISA cuts: 'We are shooting ourselves in the foot'
If a cyberattack leads to a death, that's murder.

A former FBI cyber division chief urged the US Justice Department to consider felony homicide charges against ransomware actors when attacks on hospitals lead to patient deaths.

In testimony before a US House of Representatives subcommittee hearing, Cynthia Kaiser , former deputy assistant director of the FBI's cyber division, implored lawmakers to "champion" the federal government to use three existing legal authorities to go after ransomware criminals who encrypt healthcare networks and systems.

"The gap between the severity of these crimes and the consequences that follow needs to close," Kaiser, Halcyon Ransomware Research Center SVP, told lawmakers on Tuesday.

Kaiser called on the US State, Justice, and Treasury departments to evaluate terrorism designations for "ransomware actors [who] knowingly and repeatedly target hospitals."
She also urged federal prosecutors to evaluate homicide charges when ransomware attacks against healthcare facilities cause patient deaths.

"Felony murder law does not require that a defendant pull the trigger, only that they commit a dangerous felony that results in death," Kaiser said, citing a University of Minnesota study that documented at least 47 deaths attributable to hospital ransomware attacks between 2016 and 2021.

"That number is almost certainly in the hundreds today," she added.

Additionally, Kaiser begged Congress to fully fund and reauthorize the State and Local Cybersecurity Grant Program, which took a hit during the first year of Trump's second term.

The President's 2027 budget proposal would slash CISA spending by an additional $707 million next fiscal year.

Other expert witnesses at the hearing and Democratic lawmakers on the subcommittees also advocated for increased funding for state and local governments - and, in turn CISA, which manages and supports many of the federal government's initiatives to boost state and local security posture.

The Institute for Security and Technology's Chief Strategy Officer Megan Stifel called on Congress to pass a long-term or permanent reauthorization of the information sharing authorities in the Cybersecurity Information Sharing Act of 2015, set to expire ( again ) on September 30.

Stifel also told lawmakers that the national security threat posed by ransomware has decreased since IST launched the Ransomware Task Force in 2021.

CISA lost millions in funding and about a third of its workforce ( close to 1,000 people ) this year.

One of these employees, David Stern, who led CISA's Pre-Ransomware Notification program, resigned in December .

"It's a really critical program that currently is not operating," Stifel said.

"The program received indications of warning from industry, in many cases supported by the Cybersecurity Information Sharing Act … This program was run by one individual who would receive these tips, and call victims who either already had a threat actor in their networks or were known soon to be targeted by these threat actors, and gave them notice that they were about to become a victim, and work with those victims to mitigate the risk."
Ransomware is occurring today because this administration drove out the expert, the federal employee, who was helping to prevent it to the tune of $9 billion.

We are shooting ourselves in the foot
Stern, in this role, sent pre-ransomware notifications to more than 4,300 organizations between late 2022 and late 2025, preventing about $9 billion in economic losses.

He spent more than a decade at CISA before being pushed out late last year.

"Nine billion dollars in damages that initiative prevented, in large part because of the work - I'll use the term Director Vought likes to use - of one bureaucrat," US Rep.

James R.

Walkinshaw (D-VA) said.

He's referring to the US Office of Management and Budget Director Russell Vought, who famously planned the Trump administration's scorched-earth policy on federal employees: "When they wake up in the morning, we want them to not want to go to work, because they are increasingly viewed as the villains.

We want their funding to be shut down…We want to put them in trauma."