A new Home Office consultation proposes that all public sector organisations and firms working in critical infrastructure should be banned from making ransomware payments.
A ban on paying a ransom is currently in place for UK Government departments, with this new plan also covering the NHS, councils, and other organisations.
Running from 14 January to 8 April, the consultation seeks to hear views on these proposals to better understand how to combat the increasing threat of cybercrime. Costing the UK economy many millions of pounds a year, ransomware attacks have hit the Royal Mail and critical suppliers to UK hospitals over the past few years.
The UK Minister of State for Security, Dan Jarvis, said driving down cybercrime is central to the Government’s missions to reduce crime, deliver growth, and keep the British people safe.
“With an estimated £816 million ($1 billion) flowing to ransomware criminals globally in 2023, it is vital we act to protect national security as a key foundation upon which this government’s Plan for Change is built,” added Jarvis.
By outlawing the payment of cyber ransoms in essential sectors, the UK Government hopes to make it unattractive for hacking groups to target critical organisations, as they would not be able to profit financially.
Mandatory Reporting Regime Proposed
Alongside the ban, the Home Office-led consultation includes the establishment of a mandatory reporting regime for all ransomware attacks. This information would be used to support law enforcement agencies which are working to disrupt ransomware groups.
According to National Cyber Security Centre CEO, Richard Horne, the consultation is an essential part of the UK Government’s efforts to protect the country from the highly damaging impacts of ransomware attacks.
“Organisations of all sizes need to build their defences against cyber attacks such as ransomware, and our website contains a wealth of advice tailored to different organisations,” said Horne.
Horne added that “using proven frameworks like Cyber Essentials, and free services like NCSC’s Early Warning, will help to strengthen their overall security posture.”