In today's digital age, ransomware attacks have become increasingly prevalent, targeting organisations across various sectors, including public services and critical national infrastructure.
In recent years, numerous high-profile incidents have occurred where organisations such as the NHS, the Guardian, and the British Library have fallen victim to ransomware attacks. These attacks have led to significant short-term disruptions to their systems, impacting both the organisations and the individuals who depend on their services. However, beyond these headline-grabbing cases, countless other instances exist where private sector companies have been hindered in their operations, and members of the public have faced the distressing consequences of privacy invasions and personal data breaches.
The Home Office is launching a public consultation to address this growing threat. The consultation seeks to gather input on legislative proposals aimed at reducing payments to cyber criminals and increasing the reporting of ransomware incidents. The consultation is open to the public, with a particular interest in feedback from those who may be required to comply with the proposals, as well as industry and research stakeholders.
Key Proposals
The consultation document outlines three main proposals:
Targeted Ban on Ransomware Payments: This proposal seeks to implement a targeted ban on ransomware payments by public sector bodies, including local government entities, and operators of Critical National Infrastructure (CNI). The aim is to protect essential services from disruption and to dissuade cybercriminals by eliminating the potential for financial gain. By prohibiting these payments, the strategy intends to safeguard CNI and public services, ensuring they remain operational and secure.
The proposal also considers extending this ban to essential suppliers to these public bodies and CNI operators, with the aim of creating a comprehensive protective barrier against potential attacks. To enforce this ban effectively, compliance measures, including potential penalties for non-compliance, are being discussed. This approach is not only intended to protect vital infrastructure but also to send a clear message that the UK is committed to undermining the business model of ransomware criminals.
Ransomware Payment Prevention Regime: For organisations not covered by the targeted ban, a ransomware payment prevention regime is proposed. This regime would require victims to report their intention to pay a ransom before proceeding. This reporting mechanism would allow authorities to review and potentially block payments that violate legal frameworks, such as those involving sanctioned entities or terrorism finance legislation.
This proactive approach aims to provide victims with critical advice and guidance, helping them navigate the complex legal and ethical considerations involved in responding to ransomware demands. Additionally, it enhances the understanding of the ransomware payment landscape, enabling more effective interventions and policy development.
Ransomware Incident Reporting Regime: To address the issue of underreporting, a mandatory ransomware incident reporting regime is proposed. This would require organisations to report suspected ransomware attacks, regardless of their intention to pay the ransom. By mandating the reporting of such incidents, the government aims to improve its understanding of the scale and nature of ransomware threats, thereby enhancing resilience and supporting law enforcement efforts.
This measure is designed to ensure that the government and relevant authorities have a comprehensive view of the ransomware threat landscape, allowing for more informed decision-making and resource allocation. It also aims to foster a culture of transparency and accountability, encouraging organisations to take proactive steps in strengthening their cybersecurity defences.
The consultation on these proposals is open to the public until 8 April 2025 and responses can be submitted online at https://www.homeofficesurveys.homeoffice.gov.uk/s/E6ROXH/.
If you would like to know how our Cybersecurity team here at Trowers & Hamlins can assist you, please get in touch with Charlotte Clayson, Joseph Hannify or the CyberSecure 360 team.
