Ransomware: UK wants to ban government agencies from paying ransoms

Government agencies and operators of critical infrastructure in the UK are to be banned from paying ransoms after ransomware attacks.

In the UK, government institutions and operators of critical infrastructure are to be banned from paying ransoms following a ransomware attack. Companies not covered by the ban are to be obliged to inform the government before making such a payment. The government announced this after the public consultation process for the measure was completed. According to the announcement, almost three quarters of those involved were in favor of the plans. The aim is to target the business model behind ransomware attacks and make public bodies a less attractive target.

According to the government, the ban on ransom payments would apply to the UK's public healthcare system, local authorities and schools, for example. Companies that do not fall under the ban and are planning to make a payment are to be advised, and possibly warned if the payment might breach sanctions. This could be the case if the money goes to one of the many ransomware groups originating from Russia. In addition, a reporting obligation is being prepared that would make it easier for law enforcement authorities to take action against those responsible for such malware.

In the announcement, the government also once again urges the various organizations in the country to do more for cyber security. This includes offline backups, plans for longer periods of operation without IT and a "well-established practice of restoring data from backups". Cybercrime, for example with ransomware, has caused billions in damage and also endangers human lives. It was only recently made public that a cyber attack contributed to the death of a person for the first time. The attack had demonstrably led to a delay in patient care and thus to the death.

Ransom payments following ransomware attacks fell significantly in 2024, a blockchain analysis company found at the beginning of the year. Chainalysis attributed this to measures taken by law enforcement authorities, better international cooperation and more frequent refusals to pay. London now wants to push ahead with the latter in particular. However, the low reliability of criminals has probably also contributed to the decline; victims simply cannot assume that they will get their data back once they have paid. This was the finding of a study a year ago. At the time, it was also stated that a ban on such payments had not had any noticeable effect.

(mho)

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.