UK business leaders are overwhelmingly in favor of a ban on ransomware payments in the private sector - but would break such a ban themselves if they thought it was necessary.
The government is proposing a ban on the payment of ransoms by public sector bodies and operators of critical national infrastructure, including the NHS, local councils, and schools.
For the time being, the ban doesn’t extend to private firms. However, analysis from Commvault found that 96% of UK business leaders believe payments should be banned across both the public and private sectors.
In the event of a ban being imposed on private sector firms, three-quarters (75%) admitted they would still pay a ransom themselves if it were the only way to save their organization, regardless of whether civil or criminal penalties applied.
“Paying a ransom rarely guarantees recovery and often increases the likelihood of being targeted again,” said Darren Thomson, field CTO EMEAI at Commvault.
“A well-enforced ban could help take the profit out of ransomware, but it must be matched by greater investment in prevention, detection, and recovery-testing. Without that, more organizations could find themselves exposed at the worst possible moment, with no viable path to recovery.”
The survey found that 94% of business leaders support limiting ransom payments for public bodies, and 99% for private organizations.
However, in real-world situations within the private sector, only 10% said they would actually comply with any ban if they were attacked. A further 15% said they'd be neither likely nor unlikely to comply.
Of those who supported a proposed payment ban, 34% reckoned it would lead to increased government support and intervention to help build up cyber resilience.
Another third thought it would bring down the number of attacks by reducing the incentive for attackers.
Ransom payment bans are a tightrope for private firms
While the government's proposals so far only ban the payment of ransoms by public sector bodies and operators of critical national infrastructure, they do place certain constraints on private firms.
Businesses would be required to notify the government of any intent to pay a ransom - which would then tell them whether or not they'd be breaking the law by sending money to sanctioned cyber criminal groups, many of which are based in Russia.
“Ransomware and cyber attacks will be a concern for a long time, as international cyber gangs make huge profits from them and use these resources to continually develop their attack tools," says Jane Frankland, CEO of security training firm Knewstart.
Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.
MORE FROM ITPRO
- The ransomware groups worrying security researchers in 2025
- Nearly half of MSPs admit to having a ransomware kitty
- Ransomware victims are getting better at haggling with hackers
-
What does modern security success look like for financial services?Sponsored As financial institutions grapple with evolving cyber threats, intensifying regulations, and the limitations of ageing IT infrastructure, the need for a resilient and forward-thinking security strategy has never been greater
-
Yes, legal AI. But what can you actually do with it? Let’s take a look…Sponsored Legal AI is a knowledge multiplier that can accelerate research, sharpen insights, and organize information, provided legal teams have confidence in its transparent and auditable application
-
CISA just published crucial new guidance on keeping Microsoft Exchange servers secureNews With a spate of attacks against Microsoft Exchange in recent years, CISA and the NSA have published crucial new guidance for organizations to shore up defenses.
-
US telco confirms hackers breached systems in stealthy state-backed cyber campaign – and remained undetected for nearly a yearNews The hackers remained undetected in the Ribbon Communications’ systems for months
-
Google says reports of a 'huge' Gmail breach affecting millions of users are false, againNews Reports of a major Gmail affecting millions of users have been flooding the web this week – Google says they're "false" and you've nothing to worry about.
-
Enterprises can’t keep a lid on surging cyber incident costsNews With increasing threats and continuing skills shortages, AI tools are becoming a necessity for some
-
Cyber researchers have already identified several big security vulnerabilities on OpenAI’s Atlas browserNews Security researchers have uncovered a Cross-Site Request Forgery (CSRF) attack and a prompt injection technique
-
CISA issues alert after botched Windows Server patch exposes critical flawNews A critical remote code execution flaw in Windows Server is being exploited in the wild, despite a previous 'fix'
-
Former NCSC head says the Jaguar Land Rover attack was the 'single most financially damaging cyber event ever to hit the UK' as impact laid bareNews Researchers said they place the UK financial impact of the attack on Jaguar Land Rover at around £1.9 billion.
-
Volkswagen confirms security ‘incident’ amid ransomware breach claimsNews Volkswagen has confirmed a security "incident" has occurred, but insists no IT systems have been compromised.
