ransomware attack
(22) Ransomware attack The term “ransomware attack”— (A) means an incident that includes the use or threat of use of unauthorized or malicious code on an information system, or the use or threat of use of another digital mechanism such as a denial of service attack, to interrupt or disrupt the operations of an information system or compromise the confidentiality, availability, or integrity of electronic data stored on, processed by, or transiting an information system to extort a demand for a ransom payment; and (B) does not include any such event in which the demand for payment is— (i) not genuine; or (ii) made in good faith by an entity in response to a specific request by the owner or operator of the information system.