HARRISBURG, Pa. (WHTM) – Some state lawmakers are working on legislation to address how to deal with ransomware attacks.

Ransomware continues to impact government agencies, companies, schools and organizations across the state. It’s a type of malware thieves use to hold data hostage and make entities pay money to get it back.

The Senate Communications and Technology Committee is researching and talking with experts to put together guidelines. The goal is to be ahead of the criminals behind future attacks.

“We’re finding it very common amongst health care entities, education institutions, and also with government, particularly smaller government entities,” said Senator Kristin Phillips-Hill, the chair of the Senate Communications and Technology Committee.

Phillips-Hill also wants the legislation to include ways to reduce vulnerability, like backing up data.

“Oftentimes, the organizations that are being engaged in ransomware attacks are very nefarious organizations,” said Phillips-Hill. “They have ties for organized crime, to terrorist organizations, and the last thing that I want to see happen is to see taxpayer dollars being sent to those types of organizations.”

“How most ransomware is actually introduced is sending it through phishing emails to employees, so employees clicking on links within emails, then takes them to a site then download malicious malware onto the computer. They might not have any idea,” said John Sancenito, a security expert who is the president of Information Network Associates, which helps companies with recovery after data breaches.

Sancenito says there are many different forms of ransomware, and even when you pay the ransom, you still may not get back the data your organization needs.

Within the last year, the Wyoming Area School District sent payments of more than $38,000 to a hacker.

In 2018, the Senate Democratic Caucus was attacked.

We asked for an update on that this week, and were told the caucus did not pay a ransom.

A representative told us the FBI and law enforcement advised them not to share information about who was behind the attack.

“It’s how long can the company be without their data,” said Sancenito.

The U.S. Department of Homeland Security advises companies attacked by ransomware to reach out to the Cybersecurity and Infrastructure Security Agency, the FBI or the Secret Service.

“We are trying to catch up with it but the legislation is always going to be far behind the curve, and the technology is always behind the curve as well,” said Sancenito. “The bad guys are always finding new ways to exploit data systems.”

The Senate Communications and Technology Committee is also working on separate legislation to combat other forms of malware, like that which recently compromised data at at least 70 Rutter’s locations.