IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

NCSC and ICO chiefs plead with lawyers to stop making ransomware payments

The two UK authorities say misconceptions around ICO fines are jeopardising the integrity of UK cyber security, in a direct appeal to the Law Society

Leaders from the Information Commissioner’s Office (ICO) and National Cyber Security Centre (NCSC) have called on lawyers in England and Wales to stop their clients from paying ransomware gangs after being attacked.

The NCSC said it's seeing a rise in businesses choosing to pay the demands made by the ransomware operators, but argues that paying these groups only incentivises further attacks and directly funds future criminal endeavours.

The NCSC and ICO wrote to the Law Society for assistance in sharing “some key messages” after they became aware of a growing misconception that paying ransomware gangs to protect data may lead to less harsh penalties imposed on the company by the ICO.

“We would like to be clear that this is not the case,” the letter read. “Law Enforcement does not encourage, endorse nor condone the payment of ransoms.

“While payments are not usually unlawful, payers should be mindful of how relevant sanctions regimes (particularly those related to Russia) – and their associated public guidance – may change that position. More importantly, payment incentivises further harmful behaviour by malicious actors and does not guarantee decryption of networks or return of stolen data.”

The Law Society was also asked to remind lawyers the ICO takes into account the degree to which a given business has taken precautions and implemented measures to mitigate the threat of a ransomware attack when deciding on post-attack penalties.

Related Resource

An analysis of the European cyber threat landscape

Human risk review 2022

Whitepaper cover with title and three colleagues sat at a table laughing togetherFree Download

It said it does not consider making payments to cyber criminals, with the view that a business’ data would be more secure as a result, as a satisfactory business strategy to prevent attacks. 

Measures the ICO recognises include actionable changes made after analysing an attack and learning from it, timely reporting to the relevant authorities, and a demonstration that the NCSC’s and ICO’s guidance on cyber attacks has been considered.

“Ransomware remains the biggest online threat to the UK and we are clear that organisations should not pay ransom demands,” said Lindy Cameron, CEO of the NCSC.

“Unfortunately we have seen a recent rise in payments to ransomware criminals and the legal sector has a vital role to play in helping reverse that trend.

Cyber security is a collective effort and we urge the legal sector to help us tackle ransomware and keep the UK safe online.”

The joint letter highlighted the information available to businesses from both the NCSC and ICO, and requested a meeting to discuss the matter further with a view to ensuring there is a strong understanding of the criminal landscape involved with ransomware.

Lawyers are advised to point their clients towards the publicly available advice and make any necessary changes to their cyber strategy to protect the UK online.

Featured Resources

The Total Economic Impact™ Of Turbonomic Application Resource Management for IBM Cloud® Paks

Business benefits and cost savings enabled by IBM Turbonomic Application Resource Management

Free Download

The Total Economic Impact™ of IBM Watson Assistant

Cost savings and business benefits enabled by Watson Assistant

Free Download

The field guide to application modernisation

Moving forward with your enterprise application portfolio

Free Download

AI for customer service

Discover the industry-leading AI platform that customers and employees want to use

Free Download

Recommended

Ransomware now strikes one in 40 organisations per week, Check Point finds
ransomware

Ransomware now strikes one in 40 organisations per week, Check Point finds

27 Jul 2022
Darktrace AI’s Antigena helps stop ransomware attack at Dordogne GHT
ransomware

Darktrace AI’s Antigena helps stop ransomware attack at Dordogne GHT

13 Apr 2022
Sabbath hackers are targeting US schools and hospitals
ransomware

Sabbath hackers are targeting US schools and hospitals

29 Nov 2021
US government warns of increased risk of ransomware over holiday season
ransomware

US government warns of increased risk of ransomware over holiday season

24 Nov 2021

Most Popular

Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
The benefits of a hardware update for SMBs
Sponsored

The benefits of a hardware update for SMBs

2 Aug 2022