UK government officials consider banning ransomware payments
Public bodies could be prevented from paying out to hackers to regain control of systems


The UK government is considering banning public organizations from paying ransomware demands as it seeks to strike a "significant blow” to cyber criminal operating models.
The consultation follows a series of serious ransomware incidents at NHS bodies, the British Library, Royal Mail and more, that have caused severe real world disruption and cost millions in recovery costs.
Consultation documents from government officials noted that ransomware is considered the "greatest of all serious and organized cyber crime threats, the largest cybersecurity threat, and is treated as a risk to the UK's national security."
To fight back, the Home Office is running a consultation centered around three proposals.
These include mandatory requirements to report ransomware incidents and a ransomware payment prevention scheme that would require notification of intention to pay and offer support to help victims avoid paying.
The government already prohibits ransomware payments by its own departments, and the third option would seek to extend that across all public bodies — including the NHS — and organizations deemed critical national infrastructure (CNI) and perhaps even their suppliers.
One consideration, the consultation report notes, is coming up with the right measures to encourage compliance with the ban — in other words, how to punish any public or CNI organisation that pays ransomware criminals.
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
The consultation is considering making non-compliance a criminal offence or making use of civil penalties, such as fines or banning leadership from being a member of a board.
However, the consultation document notes: "The Home Office welcomes views on other measures that could be used to encourage compliance with the ban."
Fighting back against ransomware
The aim of the legislation is to deter future ransomware attacks by cutting down the amount of money threat groups earn as well as to make it easier for authorities to disrupt and investigate attacks, the government said.
"Reducing the spread of ransomware attacks, and undermining the criminals’ business model, requires an entirely new approach, and one that will help the UK to lead the world in fighting back against the increasing risks posed by this crime to our society and economy,” the report states.
Because of that, tackling the threat of ransomware requires a coordinated approach.
"With an estimated $1bn flowing to ransomware criminals globally in 2023, it is vital we act to protect national security," said security minister Dan Jarvis.
"These proposals help us meet the scale of the ransomware threat, hitting these criminal networks in their wallets and cutting off the key financial pipeline they rely upon to operate."
The consultation runs until April.
Does paying ransoms work?
Paying ransoms to threat actors can be a dangerous option for organizations that have fallen prey to a cyber attack. Despite paying, research shows many victims find they cannot recover all stolen data, and in some instances threat actors have still leaked sensitive information.
RELATED WHITEPAPER
The National Cyber Security Centre (NCSC) has previously said it does not believe such ransoms should be paid, but doing so is not illegal unless the victim is aware that the money is funding terrorism.
"This consultation marks a vital step in our efforts to protect the UK from the crippling effects of ransomware attacks and the associated economic and societal costs," said Richard Horne, CEO of the NCSC.
The consultation is only targeted at public organisations or those organisations deemed to have critical national infrastructure, but previous research has suggested as many as a third of private companies have paid out to ransomware groups.
Freelance journalist Nicole Kobie first started writing for ITPro in 2007, with bylines in New Scientist, Wired, PC Pro and many more.
Nicole the author of a book about the history of technology, The Long History of the Future.
-
Ransomware victims are getting better at haggling with hackers
News While nearly half of companies paid a ransom to get their data back last year, victims are taking an increasingly hard line with hackers to strike fair deals.
-
Government cybersecurity action plan includes £16 million in funding
News Cash will go to help startups, scale-ups, and university spinouts, while a new advisory group will aim to improve public sector cybersecurity
-
European Commission calls for cyber security proposals
News With a special focus on healthcare, the Commission is looking to allocate €145.5 million
-
LockBit data dump reveals a treasure trove of intel on the notorious hacker group
News An analysis of May's SQL database dump shows how much LockBit was really making
-
‘I take pleasure in thinking I can rid society of at least some of them’: A cyber vigilante is dumping information on notorious ransomware criminals – and security experts say police will be keeping close tabs
News An anonymous whistleblower has released large amounts of data allegedly linked to the ransomware gangs
-
It's been a bad week for ransomware operators
News A host of ransomware strains have been neutralized, servers seized, and key players indicted
-
Everything we know about the Peter Green Chilled cyber attack
News A ransomware attack on the chilled food distributor highlights the supply chain risks within the retail sector
-
Cyber attacks are costing UK firms billions every year – ransom payments, staff overtime, and lost business are crippling victims
News New research from ESET shows the cost of cyber attacks against UK businesses is surging, with many victims struggling to remediate breaches.