The Home Office also proposes to mandate reporting ransomware incidents to improve the government’s awareness of live attacks.
The UK government plans to tackle ransomware by proposing legislation that bans public sector bodies in the country from paying ransoms to cyberthreat actors.
In the nearly three-month-long consultation launched by the country’s Home Office yesterday (14 January), the government said the move would deter threats by making public bodies an unattractive target for cyber criminals, who generally launch malicious attacks on organisations for a payout.
In addition, the proposal also mandates every victim of ransomware, including private organisations and individuals, to report the incident, allowing authorities to provide support while improving their understanding of the country’s cyber crime landscape.
The ransomware payment prevention regime will also increase the National Crime Agency’s awareness of live attacks and demands, which will enable authorities to identify criminal groups, sanction and block them, the proposal argues.
Moreover, according to the proposal, a better understanding of the scale, type and sources of ransomware threats will allow the Home Office to provide up-to-date guidance and support organisations in improving their resilience.
The National Cyber Security Centre managed 430 cyber incidents between September 2023 and August 2024, the UK government said, including 13 ransomware incidents which the government deemed to be nationally significant.
Commenting on the proposal, the UK’s security minister Dan Jarvis said: “With an estimated $1bn flowing to ransomware criminals globally in 2023, it is vital we act to protect national security …
“These proposals help us meet the scale of the ransomware threat, hitting these criminal networks in their wallets and cutting off the key financial pipeline they rely upon to operate.”
The UK has placed increased focus on tech infrastructure in the country, inviting billions in investments and classifying data centres as critical national infrastructure, putting them on equal footing with vital public services such as water, energy and emergency systems.
At the time, the country’s secretary of state for science, innovation and technology, Peter Kyle said that the designation would allow for better coordination and cooperation against cybercriminals.
However, experts told SiliconRepublic.com that ransomware incidents will likely increase and become more sophisticated this year.
“The emergence of ransomware-as-a-service will make it easier for cybercriminals to launch attacks without technical expertise, leading to a broader range of organisations, including smaller businesses, becoming targets,” said Chandrodaya Prasad, the executive VP of product management at US cybersecurity company SonicWall.
Paying up doesn’t always mean an organisation’s problems are solved, however, as Dr Darren Williams, the CEO and founder of BlackFog, a global cybersecurity company specialising in ransomware prevention, pointed out.
“At the end of the day, you are negotiating with criminals who are unlikely to uphold their end of the deal, and in many cases they go further than leaking stolen data by targeting the same victim a short time later.
“There is no doubt that a ban on ransom payments would make ransomware less appealing to criminals, but firms need to get their house in order first by ensuring they have effective modern security solutions in place to defend against attacks.”