Hospitals, businesses, and critical services are set to be
protected under measures designed to crack down on cyber
criminals and safeguard the public, following public consultation
on ransomware proposals.
Ransomware is software used maliciously by cyber criminals to
access victims' computer systems. Systems and data can be
encrypted, or data stolen, until a ransom is paid. Ransomware is
estimated to cost the UK economy millions of pounds each year,
with recent high-profile ransomware attacks highlighting the
severe operational, financial, and even life-threatening
risks.
Public sector bodies and operators of critical national
infrastructure, including the NHS, local councils and schools,
would be banned from paying ransom demands to criminals under the
measure, with nearly three quarters of consultation respondents
showing support for the proposal.
The ban would target the business model that fuels cyber
criminals' activities and make the vital services the public
rely on a less attractive target for ransomware groups.
Under the proposals, businesses not covered by the ban would be
required to notify the government of any intent to pay a ransom.
The government could then provide those businesses with advice
and support, including notifying them if any such payment would
risk breaking the law by sending money to sanctioned cyber
criminal groups, many of whom are based in Russia.
Mandatory reporting is also being developed, which would equip
law enforcement with essential intelligence to hunt down
perpetrators and disrupt their activities, allowing for better
support for victims. Consultation responses showed strong
support for a new mandatory reporting regime to better protect
British organisations and industry.
The new package of measures will lead the way in tackling
ransomware and is designed to strike against cyber criminals'
business model, bolstering our national security and
protecting key services and businesses from disruption -
delivering on our Plan for Change. They follow an extensive
consultation with stakeholders across the UK which showed strong
public backing for tougher action to tackle ransomware and
protect vital services.
Security Minister said:
Ransomware is a predatory crime that puts the public at risk,
wrecks livelihoods and threatens the services we depend on.
That's why we're determined to smash the cyber criminal business
model and protect the services we all rely on as we deliver our
Plan for Change.
By working in partnership with industry to advance these
measures, we are sending a clear signal that the UK is united in
the fight against ransomware.
In addition to the proposed new measures, the government
continues to urge organisations across the country to strengthen
their ability to maintain operations in the event of a successful
ransomware attack. This includes having offline backups, tested
plans to operate without IT for an extended period, and a
well-rehearsed strategy for restoring systems from backups.
Cyber criminals have not only cost the nation billions of pounds
but in some cases have brought essential services to a
standstill.
The devastating consequences are not just financial but can put
lives in danger, with an NHS organisation recently identifying a
ransomware attack as one of the factors that contributed to a
patient's death.
These attacks have brutally exposed the alarming vulnerability at
the core of our public and private institutions, from flagship
British retailers and essential supermarkets including the Co-op
to NHS hospitals.
British Library Chief Executive Rebecca Lawrence said:
The British Library, which holds one of the world's most
significant collections of human knowledge, was the victim of a
devastating ransomware attack in October 2023.
The attack destroyed our technology infrastructure and continues
to impact our users; however, as a public body, we did not engage
with the attackers or pay the ransom. Instead, we are committed
to sharing our experiences to help protect other institutions
affected by cyber-crime and build collective resilience for the
future.
NCSC Director of National Resilience Jonathon Ellison said:
These new measures help undermine the criminal ecosystem that is
causing harm across our economy.
Ransomware remains a serious and evolving threat, and
organisations must not become complacent. All businesses should
strengthen their defences using proven frameworks such as Cyber
Essentials and our free Early Warning service, and be prepared
to respond to incidents, recover quickly, and maintain
continuity if the worst happens.
Co-op CEO Shirine Khoury-Haq said:
We know first-hand the damage and disruption cyber-attacks cause
to businesses and communities. That's why we welcome the
government's focus on Cyber Crime.
What matters most is learning, building resilience, and
supporting each other to prevent future harm. This is a step in
the right direction for building a safer digital future.
These robust proposals are part of the government's Plan for
Change to defend businesses, services, and infrastructure against
cyber threats to better protect the public.