UK proposes ban on ransomware payments in critical sectors

The UK government has launched a consultation to explore the potential for a nationwide ban preventing operators of critical national infrastructure from bowing to demands from ransomware cybercriminals. 

In the Jan. 14 proposal, the Home Office proposed a “targeted ban” on ransomware payments for all public sector bodies and critical national infrastructure such as the energy, health service and local councils, expanding the existing ban on government departments.

Some ransomware attackers ask for cryptocurrency payments. Other nations, including Australia and the United States were previously exploring a similar ban.

UK Security Minister Dan Jarvis said the goal is to protect national security by cutting off cyber criminals from ransomed funds.

“These proposals help us meet the scale of the ransomware threat, hitting these criminal networks in their wallets and cutting off the key financial pipeline they rely upon to operate,” he said. 

Ransomware attacks threaten our national security & damage our economy.

We’re taking action to deter the cyber criminals responsible by disrupting & defeating their business models.

Our aim is simple: defend our national security & economic prosperity. pic.twitter.com/8DFrXtYlfI

— Dan Jarvis MP (@DanJarvisMBE) January 14, 2025

According to the Home Office, the proposals aim to make essential services in the country “unattractive targets” for cybercriminals. 

Other parts of the proposals include a ransomware payment prevention regime to provide victims with advice and guidance and enable payments to known criminal groups and sanctioned entities to be blocked.

A mandatory reporting regime for ransomware incidents is also being floated to help UK law enforcement agencies target frequent offender groups or entities. The consultation will run until April 8. 

According to the Home Office, cyberattacks on a key London hospital supplier and postal service and courier company, Royal Mail, had “devastating impacts” on the public.

The January 2023 cyberattack on the Royal Mail brought international shipping of parcels and letters through its branches to a standstill, while the August 2022 cyberattack on the health service software provider Advanced Computer Software Group exposed the personal data of nearly 83,000 individuals.

The government office also said that the National Cyber Security Centre managed 430 cyber incidents over the year ending August 2024, including 13 “nationally significant” incidents that “posed serious harm to essential services or the wider economy.”

Related: Crypto’s record-breaking year sees spike in kidnappings and ransom schemes

Meanwhile, the UK’s 2024 National Cyber Security Centre’s (NCSC) Annual Review found ransomware attacks “continue to pose the most immediate and disruptive threat.” 

According to the review, in June 2024, a ransomware attack on pathology laboratory Synnovis delayed elective procedures and outpatient appointments. A separate ransomware attack on Oct. 28 saw the British Library’s online systems comprised. 

In 2023, Australia considered whether ransomware payments should be made illegal after a cyberattack hit Australian consumer lender Latitude Financial. The US was also exploring a ban around the same time. 

Magazine: Crypto market is ‘not playing ball’ so far in 2025: Jason Pizzino, X Hall of Flame