UK Government to prevent public sector paying ransomware

The UK government is set to implement new measures aimed at dismantling the business model of cybercriminals and bolstering national defences against ransomware attacks.

Following extensive public consultation, the proposed regulations will prohibit public sector bodies and critical national infrastructure operators, including the NHS, local councils and schools, from paying ransom demands.

Ransomware (malicious software that encrypts systems or steals data until a ransom is paid) costs the UK economy millions annually and poses severe operational, financial and even life-threatening risks. Nearly three-quarters of consultation respondents supported the ban, which aims to make vital public services less attractive targets for criminal groups.

For businesses not covered by the ban, mandatory notification of any intent to pay a ransom will be required. This will allow the government to provide crucial advice and support, including warnings about potential breaches of sanctions by inadvertently funding sanctioned cybercriminal organizations, many of which are based in Russia.

Additionally, new mandatory reporting requirements are being developed to furnish law enforcement with critical intelligence to track and disrupt perpetrators, while also better supporting victims.

Says Security Minister Dan Jarvis:

“Ransomware is a predatory crime that puts the public at risk, wrecks livelihoods and threatens the services we depend on… That’s why we’re determined to smash the cyber criminal business model and protect the services we all rely on as we deliver our Plan for Change.”

Adds Kev Eley, Vice President UKI at Exabeam, a leader in cybersecurity intelligence and automation:

“The UK government’s proposed ban on ransomware payments by public sector organisations and critical infrastructure providers marks a significant step forward in the nation’s fight against cybercrime. With this, the government is sending a clear message – cyber extortion will no longer be rewarded.

“As ransomware attacks grow in scale, sophistication, and impact, this move represents a much-needed effort to disrupt the criminal business model. Ransomware attacks have evolved from isolated IT incidents into significant threats to public safety and national stability. Disruptions to council services, school networks, and transportation systems are becoming increasingly common and frequently hitting national headlines. In the most extreme cases, such as attacks on healthcare, the consequences have even left lives at risk.

“What’s clear is the urgent need for organisations to bolster their defences to protect not only their businesses but also national resilience, as recently highlighted by the UK’s National Cyber Security Centre (NCSC). By banning ransomware payments and encouraging more robust defences, the UK government is taking an essential first step. But the real work lies ahead.”