Brian Sims

Solicitors urged to help stem “rising tide” of ransomware payments

SOLICITORS ARE being asked to play their part in keeping the UK safe online by helping to tackle a rise in payments being made to ransomware criminals. In a joint letter, the National Cyber Security Centre and the Information Commissioner’s Office ask The Law Society to remind its members of their advice on ransomware and emphasise that paying a ransom will not keep data safe or be viewed by the Information Commissioner as a mitigation in regulatory action.

In the letter, the National Cyber Security Centre – which itself is a part of GCHQ – and the Information Commissioner’s Office state that they have seen evidence of a rise in ransomware payments and that, in some cases, solicitors may have been advising clients to pay in the belief that it will keep data safe or lead to a lower penalty.

The two organisations ask The Law Society to clarify to its members that this is not the case and that they do not encourage or condone paying ransoms, which can further incentivise criminals and will not guarantee the return of files.

Ransomware involves the encrypting of an organisation’s files by cyber criminals, who then demand money in exchange for providing access to them. These attacks are becoming more sophisticated and damaging. The UK Government is working with partners across the board to mitigate the threat.

With this in mind, back in December last year the National Cyber Strategy was launched to provide £2.6 billion of new investment and strengthen the UK’s role as a responsible cyber power. Tackling cyber crime, and in particular ransomware, is at the heart of the National Cyber Strategy, which aims to heighten the capability of law enforcement partners such that they can better respond to cyber attacks.

For instance, the National Cyber Crime Unit within the National Crime Agency was created to bring together law enforcement experts in a single elite unit. There’s also an established network of regional cyber crime units designed to provide access to specialist capabilities across the country.

Biggest online threat

National Cyber Security Centre CEO Lindy Cameron said: “Ransomware remains the biggest online threat to the UK and we do not encourage or condone paying ransom demands to criminal organisations. Unfortunately, we have seen a recent rise in payments to ransomware criminals and the legal sector has a vital role to play in helping to reverse that trend.”

Cameron concluded: “Cyber security is a collective effort and we urge the legal sector to work with us as we continue our efforts to fight ransomware and keep the UK safe online.”

John Edwards, the UK’s Information Commissioner, stated: “Engaging with cyber criminals and paying ransoms only incentivises other criminals and will not guarantee that compromised files are released. It certainly does not reduce the scale or type of enforcement action from the Information Commissioner’s Office or the risk posed to individuals affected by an attack.”

Edwards went on to comment: “We’ve seen cyber crime costing UK firms billions over the last five years. The response to that must be vigilance, good cyber hygiene, including keeping appropriate back-up files, and proper staff training to identify and stop attacks. Organisations will derive more credit from those arrangements than by paying off the criminals.”

Further, Edwards noted: “I want to work with the legal profession and the National Cyber Security Centre in order to ensure that companies understand how we will consider cases and how they can take practical steps to safeguard themselves in a way that we will recognise in our response should the worst happen.”

Reporting to Action Fraud

In the event of a ransomware attack or other cyber crime, organisations should report an ongoing incident directly to Action Fraud (on 0300 123 2040, which is available 24/7), the Information Commissioner’s Office (for data breaches under the General Data Protection Regulation) or to the National Cyber Security Centre for any major cyber incidents. Law enforcement will then be able to mitigate the impact of the attack and secure evidence that can assist an investigation.

The Information Commissioner’s Office will recognise when organisations have taken steps to fully understand what has happened and learn from it and, where appropriate, have raised their incident with the National Cyber Security Centre and can evidence that they have taken advice from – or can demonstrate compliance with – appropriate National Cyber Security Centre guidance and support.

The National Cyber Security Centre has published a wide range of guidance on mitigating the ransomware threat, all of which can be found on its ransomware pages. The ICO’s recently updated ransomware guidance can also be accessed on the organisation’s website.

Company Info

Security Matters

Western Business Media
Dorset House
64 High Street
East Grinstead
RH19 3DE
