UK Home Office to ban government and critical infrastructure entities from making ransomware payments

The UK’s Home Office has proposed a ban on public sector and critical infrastructure organisations from paying ransomware operators to regain access to their systems or data.  

                 

In a recent press release, the Home Office said it has launched a consultation on January 14 that proposes a “targeted ban on ransomware payments for all public sector bodies and critical national infrastructure operators.”

 

The proposal includes “expanding the existing ban on ransomware payments by government departments, and making the essential services the country relies on the most unattractive targets for ransomware crime.”

 

The Home Office’s aim is to “strike at the heart of the cybercriminal business model and protect UK businesses” by banning all public sector bodies and critical national infrastructure, including the NHS, local councils, and schools, from making ransomware payments and making the organisations “unattractive targets” for cyber criminals.

 

“The proposals will help the government deliver on its Plan for Change by protecting the public services and infrastructure people rely on from disruption and huge costs,” reads the press release.

 

Another point in the proposal is to follow a ransomware payment prevention regime, which includes increasing the National Crime Agency’s awareness of live attacks and criminal ransom demands. This is in addition to the mandatory reporting of ransomware attacks which will help law enforcement agencies to identify and target cyber criminals.

 

In a statement shared with the media, Security Minister Dan Jarvis said, “Driving down cybercrime is central to this government’s missions to reduce crime, deliver growth, and keep the British people safe.

 

“With an estimated $1 billion flowing to ransomware criminals globally in 2023, it is vital we act to protect national security as a key foundation upon which this government’s Plan for Change is built.

 

“These proposals help us meet the scale of the ransomware threat, hitting these criminal networks in their wallets and cutting off the key financial pipeline they rely upon to operate.

 

“Today marks the beginning of a vital step forward to protect the UK economy and keep businesses and jobs safe,” he added.