The UK government has introduced proposals aimed at cracking down on ransomware attacks targeting public sector organizations. Under these new plans, schools, NHS trusts, local councils, and other critical national infrastructure operators would be prohibited from paying ransoms demanded by cybercriminals. The primary aim is to reduce the appeal of public sector bodies as targets for ransomware gangs by denying them a financial incentive. These measures are part of a broader strategy to protect the UK’s national security and make such organizations less desirable to cybercriminals.
Private companies that pay ransomware demands would be required to report the payment to the government, with the potential for the payment to be blocked if made to sanctioned groups or foreign states. The proposals would also mandate the reporting of ransomware incidents within a specific timeframe. This is intended to increase transparency and allow law enforcement to more effectively investigate and disrupt ransomware gangs, thus reducing the overall success of these attacks.
The UK government has been strongly discouraging ransom payments, though it is not currently illegal to make such payments unless they are directed to terrorist organizations. The proposed changes aim to further disincentivize the practice by making it mandatory for victims to report any intention to pay, and allowing the government to block those payments. The measure would apply to a range of public bodies, including critical infrastructure sectors such as energy and transport, which are increasingly being targeted by ransomware gangs.
Experts have reacted positively to the government’s proposals, particularly the move to require ransomware attacks to be reported, which is expected to improve law enforcement’s ability to track and prevent future attacks. However, some experts caution that the selective payment ban might not be fully effective because ransomware groups tend to target a wide range of sectors indiscriminately. Despite these concerns, the overall goal is to increase the resilience of public sector organizations and disrupt the financial operations of ransomware gangs, thereby making it more difficult for them to profit from their criminal activities.
