Brian Sims
Editor
UK BUSINESSES are set to be protected by new world-leading ransomware proposals brought forward to tackle the threat of cyber crime, which is estimated to cost the economy billions of pounds every year.
Ransomware is malicious software which infects a victim’s computer and demands a ransom from them in order to give them back access to their system, for their data to be restored and often for the hackers not to publish the victim’s personal data on the Internet.
Aiming to strike at the heart of the cyber criminals’ business model and protect UK businesses by deterring threats, the Government’s proposals include banning all public sector bodies and Critical National Infrastructure (CNI) operators, including the National Health Service, local councils and schools, from making ransomware payments, so that they become unattractive targets for criminals. This is an expansion of the current ban on payments by Government departments.
This is in addition to making it mandatory to report ransomware incidents in order to boost the intelligence available to law enforcement and assist the latter when it comes to disrupting more incidents.
The proposals will help the Government to deliver on its ‘Plan for Change’ by protecting those public services and critical infrastructures upon which the nation relies from the threat of disruption and the often huge costs incurred.
Driving down cyber crime
Security Minister Dan Jarvis said: “Driving down cyber crime is central to this Government’s missions of reducing crime, delivering growth and keeping the British people safe. With an estimated £821,700,000 flowing to ransomware criminals globally in 2023, it’s vital that we act to protect national security as a key foundation upon which this Government’s ‘Plan for Change’ is built.”
Jarvis continued: “These proposals help us to meet the scale of the ransomware threat, hitting criminals’ networks in their wallets and cutting off the key financial pipeline they rely upon to operate. This news marks the beginning of a vital step forward to protect the UK’s economy and keep businesses and jobs safe.”
Carried out largely by Russian-affiliated criminal gangs, ransomware attacks continue to pose the most immediate and disruptive threat to the UK’s CNI. That’s according to the National Cyber Security Centre’s (NCSC) Annual Review 2024. Such attacks also cause more disruption and pose a greater risk than other forms of cyber criminality.
Recent cyber attacks have included those targeting a key supplier to London hospitals and the Royal Mail, with devastating impacts on the public.
Trio of proposals
The Home Office-led consultation will consider three proposals as follows:
* a targeted ban on ransomware payments for all public sector bodies and CNI, duly expanding the existing ban in relation to ransomware payments by Government departments and making the essential services upon which the country relies the most unattractive targets for ransomware crime
* a ransomware payment prevention regime that would increase the National Crime Agency’s (NCA) awareness of live attacks and criminal ransom demands, providing victims with advice and guidance before they decide on how to respond and enabling payments to known criminal groups and sanctioned entities to be blocked
* a mandatory reporting regime for ransomware incidents that brings ransomware ‘out of the shadows’ and maximises the intelligence used by the UK’s law enforcement agencies to warn of emerging ransomware threats and target their investigations on the most prolific and damaging organised ransomware groups
The NCSC managed circa 430 cyber incidents between September 2023 and August 2024, including 13 ransomware incidents deemed to be nationally significant and which posed serious harm to essential services or the wider economy. Reporting to the NCA indicates the number of UK victims appearing on ransomware data leak sites has also doubled since 2022.
With the Crime Survey for England and Wales also estimating that almost one million (ie 952,000) computer misuse offences were committed against individuals in England and Wales in the year ending June 2024, and new polls showing that 84% and 72% of the UK public are concerned about the threat of ransomware to UK infrastructure and businesses respectively, the Government’s proposals set out necessary action to protect UK consumers, businesses, infrastructure and public services against the ransomware threat.
The measures form part of a wider push across central Government orchestrated to improve the UK’s defences against cyber threats and protect the UK’s critical infrastructure and essential services.
Operation Cronos
The new regime would support recent operations such as the successful Operation Cronos, the NCA-led global collaboration to disrupt LockBit, which stands as one of the most dangerous cyber crime networks in the world.
It also follows on from international action to tackle the threat of cyber crime through the UK-led Counter Ransomware Initiative (CRI) guidance published in September last year to boost global ransomware resilience, which is supported by 40 CRI members and eight global insurance bodies.
In October 2024, the most recent joint action by the UK, the USA and Australia led to the sanction of 16 individuals linked to the Evil Corp and LockBit cyber gangs.
NCSC CEO Richard Horne explained: “This consultation marks a vital step forward in our efforts to protect the UK from the crippling effects of ransomware attacks and the associated economic and societal costs.”
Horne added: “Organisations of all sizes need to build their defences against cyber attacks involving ransomware. Our website contains a wealth of advice tailored to different organisations. In addition, using proven frameworks like Cyber Essentials, and free services including the NCSC’s Early Warning, will help to strengthen overall security postures.”
In addition, Horne observed: “Organisations right across the country need to strengthen their ability to continue operations in the face of the disruption caused by successful ransomware attacks. This isn’t just about having back-ups in place. Organisations need to make sure they have tested plans to continue their operations in the extended absence of IT should an attack be successful. They need a tested plan to rebuild their systems from back-ups.”