LONDON (Reuters) -Britain plans to ban public sector bodies and operators of critical national infrastructure, including the state-run health service, local councils and schools, from paying ransom demands to cyber criminals, it said on Tuesday.
The country has been the victim of many high-profile ransomware attacks in recent years, from the “WannaCry” cyber attack that crippled Britain’s National Health Service in 2017 to the British Library suffering disruption when it refused to pay a ransom in 2023.
“We’re determined to smash the cyber criminal business model and protect the services we all rely on,” security minister Dan Jarvis said in a statement. “We are sending a clear signal that the UK is united in the fight against ransomware.”
Ransomware, which is malicious software used by criminals to access victims’ computer systems, encrypt data, or steal information and hold it hostage until a ransom is paid, is estimated to cost the economy millions of pounds each year, the statement said.
The recent attacks highlight “the severe operational, financial, and even life-threatening risks,” it said. The package of measures includes a ransomware payment prevention regime for victims of ransomware attacks and a ransomware incident reporting regime.
A more recent attack on the NHS was cited as one of the factors that contributed to a patient’s death, according to the statement. A slew of attacks on British retailers from Marks & Spencer to Co-op Group have also shaken public confidence this year.
Under the proposals, businesses not covered by the planned ban would be required to notify the government of any intent to pay a ransom, so they can be provided with advice and support, while mandatory reporting is also being developed to equip law enforcement with essential intelligence to deal with perpetrators and disrupt their activities.
(Reporting by Muvija M in London; Editing by Nia Williams)
Disclaimer: This report is auto generated from the Reuters news service. ThePrint holds no responsibility for its content.