- New ransomware proposals set to be implemented by UK Government
- These include a ban on ransom payments for public services
- Ransomware attacks cost the UK economy millions per year
A new set of cyber regulations are being introduced by the UK government in a move to protect British public services from the growing threat of ransomware.
Under the new guidelines, public organisations like the NHS, local councils, and schools will all be banned from paying ransom demands – a move which looks to dissuade criminals from targeting public institutions.
“Ransomware is estimated to cost the UK economy millions of pounds each year, with recent high-profile ransomware attacks highlighting the severe operational, financial, and even life-threatening risks,“ the Government’s statement argues.
Criminal business model
Amongst the high-profile attacks on public services in recent times is a ransomware attack on an NHS hospital, the disruptions from which contributed to a patient death – outlining just how damaging and harmful these attacks can be, not just financially but on a personal level too.
Ransomware-as-a-Service (RaaS) is a multi-million pound industry, and one which preys on vulnerable organisations without premium cybersecurity protections.
Public organisations in the UK with chronic budget restraints are particularly vulnerable, not just because they can’t afford first-rate security, but also because they provide critical services that have devastating impacts if disrupted.
Under the new set of proposals, businesses that are not covered by the ban are required to notify the government if they intend to pay the ransom – giving the government the opportunity to provide them with ‘advice and support, including notifying them if any such payment would risk breaking the law by sending money to sanctioned cyber criminal groups, many of whom are based in Russia.’
“Ransomware is a predatory crime that puts the public at risk, wrecks livelihoods and threatens the services we depend on,“ comments Security Minister Dan Jarvis. “By working in partnership with industry to advance these measures, we are sending a clear signal that the UK is united in the fight against ransomware.”
