UK govt set to expand ransomware payment ban


The ban would aim to cut the flow of ransom payments to organised cybercrime groups as well boost intelligence gathering to target and disrupt them, the government's Home Office said. — Image by Freepik

LONDON: The UK government said on Jan 14 it would consult on proposals to ban bodies running essential public services and critical national infrastructure from making ransomware payments.

The ban would aim to cut the flow of ransom payments to organised cybercrime groups as well boost intelligence gathering to target and disrupt them, the government's Home Office said.

Attacks were "largely by Russian-affiliated criminal gangs" and posed "the most immediate and disruptive threat to the UK's critical infrastructure", according to the National Cyber Security Centre's 2024 annual review.

A ransomware attack last June led to major disruption at London hospitals.

Security Minister Dan Jarvis said the initiative would "help us meet the scale of the ransomware threat, hitting these criminal networks in their wallets and cutting off the key financial pipeline they rely on to operate".

Ransomware criminals were estimated to have raked in US$1bil (RM4.50bil) globally in 2023, he added.

Under the proposals, bodies including the state-funded National Health Service (NHS), local councils and schools would be banned from making ransomware payments.

A ban already applies to government departments.

There would also be a mandatory reporting regime for ransomware incidents to bring the crime "out of the shadows" and assist investigators, the Home Office said.

Officials said last year an international operation led by UK and US law enforcement had severely disrupted "the world's most harmful cybercrime group", the Russian-linked ransomware specialist LockBit.

LockBit and its affiliates had targeted governments, major companies, schools and hospitals, causing billions of dollars of damage and extracting tens of millions in ransoms from victims.

Those targeted included Britain's Royal Mail, US aircraft manufacturer Boeing, and a Canadian children's hospital.

In January 2023, US law enforcers shut down the Hive ransomware operation which extorted some US$100mil (RM450.07mil) from more than 1,500 victims worldwide.

In June 2023, a cyberattack on service supplier Synnovis particularly hit blood transfusions, and hundreds of appointments and operations were cancelled at two of the UK's biggest hospitals – King's College Hospital and Guy's and St Thomas' in the centre of the British capital. – AFP

Follow us on our official WhatsApp channel for breaking news alerts and key updates!

Next In Tech News

Apple aims to bring AI features and spatial content app to Vision Pro, Bloomberg reports
No need for one country to control chip industry, Taiwan official says
Spotify weighs $5.99 premium for added features, ticket access, Bloomberg News reports
Samsung Galaxy S25 review: Is more camera and more AI enough?
How it's done: Tips for avoiding romance scams
How did DeepSeek build its AI with less money?
With attack on Consumer Bureau, Musk removes obstacle to his 'X Money' vision
Fund managers boost exposure to bitcoin ETFs, quarterly US filings show
OpenAI board rejects Musk's $97.4 billion offer
Trump may not support foreign firm operating Intel's US factories -White House official says

Others Also Read