The UK Home Office has launched a consultation on proposals designed to protect the UK’s critical infrastructure from its most “immediate and disruptive threat” – ransomware attacks.
On Tuesday (14 January), the UK government proposed a series of measures aimed at protecting UK businesses from the prevalent threat of ransomware attacks – a form of cybercrime costing the UK economy billions of pounds each year.
Current UK legislation prevents only government departments from conceding to ransom demands in cyber-attacks. However, the new proposals seek to expand the scope of this ban by prohibiting all public sector bodies and critical national infrastructure – including the NHS, schools and local councils – from making ransom payments. Such payments are demanded by bad actors after malicious software infiltrates a device, in exchange for the return of data, the restoration of system access or a promise not to publish the victim’s data online. Recent targets have included major Royal Mail and London hospital suppliers.
This widened scope aims “to strike at the heart of the cybercriminal business model” and protect UK businesses. Between September 2023 and August 2024, the National Cyber Security Centre (NCSC) dealt with 430 cyber incidents, including 13 ransomware attacks which were categorised as nationally significant with potential for serious harm to the wider economy and essential services.
By making these essential national services an “unattractive target” for cyber criminals, the UK government seeks to protect the UK economy from what the NCSC’s 2024 annual report described as “the most immediate and disruptive threat to the UK’s critical national infrastructure”. Disrupting the flow of money to ransomware criminals would serve not only to deter them from future attacks on the UK but also to cut off the illicit funds that are poured into further criminal activity.
Alongside the expanded ban on ransomware payments, the UK government has proposed a ransomware payment prevention regime, which would serve to enhance the National Crime Agency’s (NCA) awareness of criminal ransom demands and live attacks; enable payments to flagged criminal groups and sanctioned entities to be blocked; and provide support to victims faced with ransom demands.
In an attempt to bring ransomware incidents out into the open, a mandatory reporting regime has also been proposed, with a suggested reporting timeframe for suspected attacks of 72 hours. Such an approach would augment UK law enforcement agencies’ intelligence, helping the bodies to identify and warn of emerging threats while prioritising investigations into the ransomware groups posing the greatest risk to UK infrastructure.
Last year, the UK government imposed sanctions on 16 members of Russian-affiliated cybercrime organisation Evil Corp as part of a major international effort to disrupt cybercrime groups. In a press release, the UK Home Office confirmed that the proposed measures would support global operations seeking to crack down on some of the world’s most dangerous cybercrime networks.
The Home Office-run consultation – which is open to the public with a particular focus on those who anticipate having to comply with the proposed measures, as well as those in industry and research – closes on 8 April 2025.
NCSC CEO Richard Horne said: “This consultation marks a vital step in our efforts to protect the UK from the crippling effects of ransomware attacks and the associated economic and societal costs.”
Security Minister Dan Jarvis commented: “Driving down cybercrime is central to this government’s missions to reduce crime, deliver growth, and keep the British people safe.” He added: “These proposals help us meet the scale of the ransomware threat, hitting these criminal networks in their wallets and cutting off the key financial pipeline they rely upon to operate.”