Brian Sims
Editor
CRITICAL SERVICES and businesses across the nation are set to be protected under Government measures designed to crack down on cyber criminals and safeguard members of the public. This development follows on from a public consultation process focused on ransomware proposals.
Ransomware is software used maliciously by cyber criminals to access victims’ computer systems. Systems and data can be encrypted, or sensitive data stolen, until such time as a ransom is paid.
Ransomware is estimated to cost the UK’s economy millions of pounds each and every year, with recent high-profile attacks highlighting the severe operational, financial and even life-threatening risks that can materialise.
Under the Government’s bold plans, public sector bodies (including the National Health Service and local councils) and the operators of Critical National Infrastructure would be banned from paying ransom demands to criminals, with nearly three-quarters of consultation respondents showing support for the proposals.
The ban would target the business model that fuels cyber criminals’ activities and render the vital services upon which the public relies a somewhat less attractive target for ransomware groups.
Importantly, businesses not covered by the ban would be required to notify the Government of any intent to pay a given ransom. The Government could then provide those businesses with advice and support, including notifying them if any such payment would risk breaking the law by sending money to sanctioned cyber criminal groups (many of whom are based in Russia).
Procedures for mandatory reporting are also being developed, which would then equip law enforcement with the essential intelligence required to hunt down perpetrators and disrupt their activities, in turn allowing for better victim support. Consultation responses have shown strong support for a new mandatory reporting regime to better protect British organisations and industry.
Tackling ransomware
The new package of measures will “lead the way” in tackling ransomware, being designed to strike against cyber criminals’ business models, bolstering national security and protecting key services and businesses from disruption.
The measures emerge in the wake of an extensive consultation process involving stakeholders across the UK, which showed strong public backing for tougher action to tackle ransomware and protect vital services.
Security Minister Dan Jarvis commented: “Ransomware is a predatory crime that puts the public at risk, wrecks livelihoods and threatens the services we depend upon. That’s precisely why we’re determined to smash the business model used by cyber criminals and protect vital services.”
Jarvis added: “By working in partnership with industry to advance these measures, we’re sending a clear signal that the UK is absolutely united in the fight against ransomware.”
In addition to the proposed new measures, the Government continues to urge organisations across the country to strengthen their ability to maintain operations in the event of a successful ransomware attack. This includes having offline back-ups in place, tested plans to operate without IT for an extended period and a well-rehearsed strategy for restoring systems from back-ups.
Cyber criminals have not only cost the nation billions of pounds, but in some cases have brought essential and critical services to a standstill. The devastating consequences are not just financial. Attacks can also put lives in danger, with the National Health Service identifying a recent ransomware episode as one of the factors that contributed towards a patient’s death.
These attacks have brutally exposed the alarming vulnerability at the core of public and private institutions, from flagship British retailers and essential supermarkets (including the Co-op) through to National Health Service hospitals.
Technology infrastructure
Rebecca Lawrence, CEO at The British Library, explained: “The British Library, which holds one of the world’s most significant collections of human knowledge, was the victim of a devastating ransomware attack back in October 2023. That attack destroyed our technology infrastructure and continues to impact our users to this day.”
Lawrence continued: “As a public body, we didn’t engage with the attackers or pay the ransom. Instead, we’re committed to sharing our experiences in order to help protect other institutions affected by cyber crime and build collective resilience for the future.”
Jonathon Ellison, director of national resilience at the National Cyber Security Centre, explained: “These new measures help to undermine the criminal ecosystem that’s causing harm across our economy. Ransomware remains a serious and evolving threat. It follows that organisations must not become complacent. All businesses should strengthen their defences using proven frameworks such as Cyber Essentials and our free Early Warning service, as well as being prepared to respond to incidents, recover quickly and maintain continuity if the worst should happen.”
Shirine Khoury-Haq, CEO at the Co-op, stated: “We know first-hand the damage and disruption cyber attacks cause to businesses and communities. That’s why we welcome the Government’s focus on cyber crime. What matters most is learning, building resilience and supporting each other to prevent future harm. This is a step in the right direction for constructing a safer digital future.”
The robust proposals that have been put forward are part of the Government’s Plan for Change designed to defend businesses, services and infrastructure against cyber threats and better protect the general public.
*Read the Government’s response to the ransomware consultation on GOV.UK