The UK government launches proposals for protection against ransomware
- Proposals on ransomware protection are being submitted to the UK government for consultation
- The proposals are aimed at making critical infrastructure less vulnerable
- This includes mandatory reporting and a ban on paying ransoms
The UK government is launching a consultation on proposals to protect UK businesses and infrastructure from the growing threat of ransomware attacks.
Consultation on the proposals will now start and will be heard until early April 2025. The consultations include a targeted ban on ransomware payments for the public sector, a scheme for reporting ransomware incidents and a scheme for the prevention of ransomware payments for victims.
The need for protection is clear: research shows that 90% of cyber attacks between April 2023 and March 2024 were politically motivated, leaving critical infrastructure most vulnerable, as seen in frequent recent breaches of healthcare targets, including an NHS children’s hospital.
Unattractive targets
The average cost of a ransomware attack has skyrocketed, with recent research claiming such incidents are costing UK businesses a lot of money approximately £44 billion in the past five years.
The aim of the proposal is to deter attackers from attacking critical infrastructure by banning ransom payments, thereby disrupting the cybercriminal’s source of income. This means local authorities, schools and hospitals will be among those banned from paying – and required to report any break-ins.
The National Cyber Security Center (NCSC) managed 430 cyber incidents between September 2023 and August 2024, including 13 ‘nationally significant’ ransomware attacks, which are said to have caused serious damage to essential services or the wider economy.
“Reducing cybercrime is at the heart of this government’s missions to reduce crime, deliver growth and keep the British people safe,” said Security Secretary Dan Jarvis.
“With an estimated $1 billion flowing to ransomware criminals globally by 2023, it is critical that we act to protect national security as a key foundation on which this administration’s Plan for Change is built. These proposals will help us address the scale of the ransomware threat that is putting these criminal networks in their pockets and cutting off the key financial pipeline they depend on to operate.”