British Government Will Ban Payment For Ransom Attacks 

Businesses in the UK are set to be protected by a new ransomware payment ban intended to tackle the threat of cyber crime, which is estimated to cost the UK economy billions of pounds every year.

The proposed legislation follows a series of serious ransomware attacks on the National Health Service (NHS), the British Library and the Royal Mail that caused severe disruption and cost millions in recovery costs.

The intention is to make public sector and infrastructure organisations less appealing as targets for ransomware gangs.

Ransomware is malicious software which infects a victim's computer and demands a ransom in exchange for restoring access to the system and its data, and often for the attackers not publishing the victim's data on the web.

Aiming to undermine the cyber criminal business model and protect UK businesses by deterring threats, the proposals include banning all public sector bodies and critical national infrastructure, including the NHS, local councils and schools, from making ransomware payments, in order to make them unattractive targets for criminals. This is an expansion of the current ban on payments by government departments.

In a crackdown on such cyber attacks, operators of critical national infrastructure will be barred from bowing to demands when criminal gangs hold IT systems hostage. Payouts by private companies will have to be reported to the government and could be blocked if they are made to sanctioned groups or foreign states. Reporting ransomware attacks will also be made mandatory if the proposals become law.

The ban will also apply to critical national infrastructure such as energy and transport networks. Government departments are already banned from paying ransomware gangs.

The proposals also include a new payment prevention regime, under which victims not covered by the ban will be required to report their intention to pay to the government. The payment will then be assessed, and the government will have the power to block it.

These measures appear to have widespread industry support. According to Mike Kiser, Director of Strategy & Standards at SailPoint: "Ransom payments should be banned: increasing payouts mean a corresponding rise in malicious activity. However, as soon as laws are passed to ban ransom payments, an underground market is likely to arrive, resulting in a hidden economic system. Who is then held responsible for violating laws - is it the corporate entity or the fault of the security executive? The time for action to mitigate the rise of ransomware is now. But as with so many other elements of life, prevention is better than cure."

The technology exists to protect these government organisations, but many NHS trusts and councils are still running older IT infrastructure that is typically more vulnerable to attack. Simon Jelley, VP and GM Data Protection at Arctera, commented: "This new no-pay mandate will need to come with a strong wraparound package of guidance and financial support to ensure that government organisations have expertise and tools to simply achieve true resilience."

Paying a ransom is officially discouraged by UK authorities but is not illegal in itself; legality depends on who is being paid. It has been illegal for some time to pay a ransom if the victim suspects that the proceeds are going to a terrorist organisation.

Sources: Gov.UK | NCSC | Guardian | ITPro | Intelligent CISO | Holyrood | Computer Weekly

Image: XtockImages
