UK public sector and critical infrastructure organizations could be banned from paying ransoms under new proposals from the UK government.
The UK Home Office on Tuesday launched a consultation proposing a “targeted ban” on ransomware payments. Under the proposals, public sector bodies including local councils, schools and NHS trusts would be banned from making payments to ransomware hackers, which the government said would “strike at the heart of the cybercrime business model”.
The government proposals come in the wake of a wave of cyberattacks targeting the UK public sector. Last year, the NHS declared a “major” incident following a cyberattack on pathology laboratory Synnovis. The cyberattack resulted in a massive breach of sensitive patient data and led to months of disruption, including canceled surgeries and the diversion of emergency patients. The cyberattack on Synnovis affected dozens of patients and led to long-term or permanent health damage in at least two cases, according to new data reviewed by Bloomberg.
Newly outlined proposals from the UK government would also make it a criminal offense for critical infrastructure organizations, such as energy and telecoms companies, to pay a ransom if they are attacked by ransomware. UK government departments have already been banned from making payments to ransomware gangs.
The UK proposal also details a new reporting regime for ransomware incidents, which would require victims of cyberattacks not covered by the ban to report their incidents to the government. A further proposal would set up a scheme aimed at blocking ransom payments to sanctioned entities, which the government has the power to block.
Security Minister Dan Jarvis said: “With an estimated $1 billion flowing to ransomware criminals worldwide in 2023, it is extremely important that we act to protect national security as a key foundation on which to build the government's transformation plans.”
“These proposals will help address the scale of the ransomware threat, attack the wallets of criminal networks, and shut down the critical financial pipelines they rely on to operate,” Jarvis said.
The UK National Cyber Security Centre managed 430 cyber incidents in the year to August 2024, including 13 “nationally significant” ransomware incidents, according to data shared by the Home Office on Tuesday. The Home Office said these were carried out by “primarily Russian-linked criminal organizations” and continued to pose an “immediate and destructive threat” to the UK's critical national infrastructure.
The UK National Crime Agency took action against one of these gangs in October 2024, unmasking an alleged affiliate of the prolific Russia-linked LockBit ransomware group. LockBit was linked to a previous cyberattack on NHS IT vendor Advanced.
The UK government has not said whether it plans to bring the bill before parliament. The Home Office consultation is expected to close in April 2025.
In the United States, the federal government has long advised against paying ransom demands, but has stopped short of enforcing a complete nationwide ban on ransom payments. However, in October 2023, a U.S.-led coalition of more than 40 countries pledged that their governments would not pay ransoms to cybercriminals, in order to cut off their source of income.