UK to ban making ransomware payments for some organizations — targets 'public sector bodies and operators of critical national infrastructure'

Ransomware gangs might have to scratch a few targets off their lists. The UK High Office and National Cyber Security Centre (NCSC) announced proposals to ban ransom payments in an effort to "crack down on cyber criminals and safeguard the public."

According to the announcement, the proposals would prohibit "public sector bodies and operators of critical national infrastructure, including the [National Health Service], local councils and schools," from making ransomware-related payments. They would also require other businesses planning to pay a ransom to notify the UK government so it can "provide those businesses with advice and support" before the payment is made. (Including a heads-up if such a payment would violate sanctions on Russia.)

The proposals wouldn't require companies to inform the UK government of a ransomware attack if they didn't plan to pay the ransom. But the announcement indicated that a mandatory reporting policy is in the works, too, in a bid to "equip law enforcement with essential intelligence to hunt down perpetrators and disrupt their activities" and "better protect British organisations and industry." That should make it more difficult to deploy ransomware in the UK without risking law enforcement's ire.

"The new package of measures will lead the way in tackling ransomware and are designed to strike against cyber criminals’ business model, bolstering our national security and protecting key services and businesses from disruption - delivering on our Plan for Change," the Home Office and NCSC said in the announcement. "They follow an extensive consultation with stakeholders across the UK, which showed strong public backing for tougher action to tackle ransomware and protect vital services."

The UK and Singapore previously said in January 2024 that they "strongly discourage anyone from paying a ransomware demand" because doing so:

• Does not guarantee the end of an incident, or the removal of malicious software from your systems
• Provides incentives for criminals to continue and expand their activities
• Provides funds that criminal actors can use for illicit activity
• Does not guarantee you will get your data back

Now the UK is looking to outright ban those payments rather than merely "strongly discouraging" them. The news follows reports earlier this week that a 158-year-old UK company was forced to shut down following a ransomware attack, at the cost of 700 jobs.

"Cyber criminals have not only cost the nation billions of pounds but in some cases have brought essential services to a standstill," the Home Office and NCSC said. "The devastating consequences are not just financial but can put lives in danger, with an NHS organisation recently identifying a ransomware attack as one of the factors that contributed to a patient’s death. These attacks have brutally exposed the alarming vulnerability at the core of our public and private institutions, from flagship British retailers and essential supermarkets including the Co-op to NHS hospitals."

Follow Tom's Hardware on Google News to get our up-to-date news, analysis, and reviews in your feeds. Make sure to click the Follow button.