NCSC and ICO chiefs plead with lawyers to stop making ransomware payments
The two UK authorities say misconceptions around ICO fines are jeopardising the integrity of UK cyber security, in a direct appeal to the Law Society
Leaders from the Information Commissioner’s Office (ICO) and National Cyber Security Centre (NCSC) have called on lawyers in England and Wales to stop their clients from paying ransomware gangs after being attacked.
The NCSC said it is seeing a rise in businesses choosing to pay the demands made by ransomware operators, but argued that paying these groups only incentivises further attacks and directly funds future criminal endeavours.
The NCSC and ICO wrote to the Law Society for assistance in sharing “some key messages” after they became aware of a growing misconception that paying ransomware gangs to protect data may lead to less harsh penalties imposed on the company by the ICO.
“We would like to be clear that this is not the case,” the letter read. “Law Enforcement does not encourage, endorse nor condone the payment of ransoms.
“While payments are not usually unlawful, payers should be mindful of how relevant sanctions regimes (particularly those related to Russia) – and their associated public guidance – may change that position. More importantly, payment incentivises further harmful behaviour by malicious actors and does not guarantee decryption of networks or return of stolen data.”
The Law Society was also asked to remind lawyers the ICO takes into account the degree to which a given business has taken precautions and implemented measures to mitigate the threat of a ransomware attack when deciding on post-attack penalties.
It said it does not consider paying cyber criminals, on the view that a business's data would be more secure as a result, to be a satisfactory business strategy to prevent attacks.
Measures the ICO recognises include actionable changes made after analysing an attack and learning from it, timely reporting to the relevant authorities, and a demonstration that the NCSC’s and ICO’s guidance on cyber attacks has been considered.
“Ransomware remains the biggest online threat to the UK and we are clear that organisations should not pay ransom demands,” said Lindy Cameron, CEO of the NCSC.
“Unfortunately we have seen a recent rise in payments to ransomware criminals and the legal sector has a vital role to play in helping reverse that trend.
“Cyber security is a collective effort and we urge the legal sector to help us tackle ransomware and keep the UK safe online.”
The joint letter highlighted the information available to businesses from both the NCSC and ICO, and requested a meeting to discuss the matter further with a view to ensuring there is a strong understanding of the criminal landscape involved with ransomware.
Lawyers are advised to point their clients towards the publicly available advice and make any necessary changes to their cyber strategy to protect the UK online.