New proposals to counter ransomware
Image by Teerachai Jampanak / copyright Shutterstock
Ransomware is the most acute cyber threat for most businesses in the UK and the impact of an attack can affect every aspect of an organisation. This includes disrupting operational delivery, hitting finances, compromising customer data, eroding trust and damaging an organisation’s reputation.
The ransomware threat is borderless, and with criminals constantly adapting their techniques to gain efficiencies and maximise profits, it is an issue that senior leaders in all organisations should take seriously by allocating resources to robust cyber security measures and comprehensive incident response planning.
The NCSC, alongside wider government, is committed to making the UK an unattractive target for ransomware attacks and the launch of this consultation represents a significant milestone on that journey.
The consultation will consider three proposals:
- A targeted ban on ransomware payments for all public sector bodies and critical national infrastructure – expanding the existing ban on ransomware payments by government departments and making the essential services the country relies on the most unattractive targets for ransomware crime.
- A ransomware payment prevention regime – increasing the National Crime Agency’s awareness of live attacks and criminal ransom demands, providing victims with advice and guidance before they decide how to respond, and enabling payments to known criminal groups and sanctioned entities to be blocked. This regime would support disruptive operations such as the recent success of Operation CRONOS, the NCA-led global collaboration to disrupt Lockbit in 2024, one of the most dangerous cyber crime networks in the world.
- A mandatory reporting regime for ransomware incidents – bringing ransomware out of the shadows and maximising the intelligence used by UK law enforcement agencies to warn of emerging ransomware threats and target their investigations on the most prolific and damaging organised ransomware groups.
The consultation can be accessed via GOV.UK and will close at 5pm on 8th April 2025.
Commenting on the consultation’s launch, NCSC CEO Richard Horne said: “This consultation marks a vital step in our efforts to protect the UK from the crippling effects of ransomware attacks and the associated economic and societal costs.
“Organisations of all sizes need to build their defences against cyber attacks such as ransomware, and our website contains a wealth of advice tailored to different organisations. In addition, using proven frameworks like Cyber Essentials and free services like NCSC’s Early Warning, will help to strengthen their overall security posture.
“Organisations across the country need to strengthen their ability to continue operations in the face of the disruption caused by successful ransomware attacks. This isn’t just about having backups in place: organisations need to make sure they have tested plans to continue their operations in the extended absence of IT should an attack be successful, and have a tested plan to rebuild their systems from backups.”
The NCSC is committed to helping UK organisations prevent ransomware attacks and mitigate their effects if they get through. It provides free actionable advice on the NCSC’s Ransomware Hub, in addition to strategic guidance on what to expect and how to secure remediation services to recover and rebuild networks.
