New government cyber measures to ban payment of ransoms by critical services

The UK government has proposed a set of new measures designed to protect critical services and businesses from ransomware attacks following a public consultation.

Under the new proposals, the Home Office said that public sector bodies and operators of critical national infrastructure, including the NHS, local councils and schools, would be banned from paying ransom demands to criminals.

The government claims the move would target the business model that drives the activities of cyber criminals, making vital public services a less attractive target for ransomware groups.

The government said that three quarters of respondents to its consultation showed support for the measure.

Ransomware is software used maliciously by cyber criminals to access victims’ computer systems. Systems and data can be encrypted, or data stolen, until a ransom is paid.

Under the proposals, businesses not covered by the ban would be required to notify the government of any intent to pay a ransom.

These companies would then be given advice and support, including notification if any such payment would risk breaking the law by sending money to sanctioned cyber-criminal groups, many of which are based in Russia.

The government is also developing mandatory reporting, which it said would equip law enforcement with essential intelligence to hunt down perpetrators and disrupt their activities, allowing for better support for victims.

Ransomware costs the UK economy millions of pounds each year, with the government warning that high-profile ransomware attacks highlight the severe operational, financial, and even life-threatening risks they create.

The government highlighted that in some cases cyber criminals have stopped essential services, with an NHS organisation recently identifying a ransomware attack as one of the factors that contributed to a patient’s death.

In addition to the proposed new measures, the government urged organisations across the country to strengthen their ability to maintain operations in the event of a successful ransomware attack by having offline backups, testing plans to operate without IT for an extended period, and having a strategy for restoring systems from backups.

“Ransomware is a predatory crime that puts the public at risk, wrecks livelihoods and threatens the services we depend on,” said security minister Dan Jarvis. “By working in partnership with industry to advance these measures, we are sending a clear signal that the UK is united in the fight against ransomware.”


