UK considers banning ransomware payouts

by Yadullah Abidi

Illustration: JMiks | Shutterstock

The UK government is considering banning public and critical infrastructure organisations from making ransomware payments. The ban aims to protect hospitals, schools, and other essential public services like railways and power infrastructure from a growing ransomware threat.

The 12-week consultation will run from January 14 to April 8 and explore the following three proposals:

  • A complete ban on ransomware payouts.
  • Implementation of a ransomware payment prevention program.
  • Mandatory ransomware attack reporting regime.

So that victims are not left high and dry, the government has also suggested a ransomware payment prevention programme that would offer victims guidance on responding to ransomware incidents. Together with the ban, this would further tighten the government’s grip on the ransom money flowing to cybercrime organisations and other sanctioned entities.

A mandatory ransomware attack reporting regime has also been proposed to increase the intelligence available on ransomware attacks for the UK’s law enforcement agencies. This information would also be used to support international operations targeting ransomware groups. A recent example of this is Operation Cronos in 2024, where law enforcement agencies from the UK and several other nations got together to take down the infamous LockBit ransomware group.

The UK isn’t the first country to explore banning ransomware payments. However, the decision could have unintended consequences for businesses, including forcing them to choose between going out of business or paying a ransom illegally if the company doesn’t have the technical expertise or resources to recover encrypted data in the aftermath of a ransomware attack. Australia also considered a blanket ban on ransomware payments in November 2022 after the infamous Medibank data breach but hasn’t implemented any laws.

It should also be noted that banning ransomware payments will not necessarily result in a drop in cybercrime rates. Schools and hospitals are increasingly targeted by ransomware gangs because of weaknesses in their digital infrastructure and the urgency of their work, which often pushes the organisation to pay the ransom and get back to normal operation as quickly as possible.

Any data stolen in ransomware attacks can also be sold on cybercrime forums. Under a blanket ban on ransomware payouts, threat actors could steal and sell a company’s data on the dark web without the company getting a chance to negotiate with the attackers and limit the resulting data breach.

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: yadullahabidi@pm.me.