Under a new government plan to tackle hackers who infiltrate systems with ransomware, schools, the NHS and local councils are among those who will be banned from paying the ransom and bowing to the cyber criminals. As part of the proposal, they will order all payouts by private companies to be reported to the government who may block the payments if they are made to sanctioned groups of foreign states. If this becomes law, reporting ransomware attacks will be made mandatory.
Some are calling this “the most significant intervention against ransomware by any national government to date.” The aim is to bring other public bodies into line with government departments, who are already banned from making ransomware payments. The ban will apply to all public bodies and will also apply to national infrastructure such as transport and energy. The rationale behind the proposal is to make public sector and infrastructure organisations less appealing to ransomware gangs.
The National Cyber Security Centre define ransomware as a type of malware which prevents you from accessing your device and the data stored on it, usually by encrypting your files. A criminal group will then demand a ransom in exchange for decryption. The computer itself may become locked, or the data on it might be encrypted, stolen or deleted. The attackers may also threaten to leak the data they steal. Removing ransomware can be a complex task and often requires expert intervention. It was reported that in 2023, ransomware gangs earned $1.1billion worldwide.
The security minister, Dan Jarvis, said: “With an estimated $1bn flowing to ransomware criminals globally in 2023, it is vital we act to protect national security. These proposals help us meet the scale of the ransomware threat, hitting these criminal networks in their wallets and cutting off the key financial pipeline they rely upon to operate.”
What this means for you
As explained above, this plan predominately affects UK public bodies. However, if the law comes into action, then reporting ransomware attacks will be mandatory which will affect all organisations in the UK.
Preventing Ransomware should be part of all organisations cyber security plans. At Sharp, we have a range of Cyber Security solutions that help protect you and your organisation against cyber threats such as ransomware. Contact our team today to find out how we can support your organisation.
