UK plots ban on ransom payments as cyber attack threat grows
The United Kingdom will move to outlaw ransom payments by public bodies and critical national infrastructure operators after ministers warned that cyber criminals are striking at an “extremely significant” scale each year.
Security minister Dan Jarvis said new Home Office plans are designed to break the business model behind ransomware, the malware that locks or steals data until victims pay. “These attacks are completely unacceptable. There is more we must do to guard against them,” he told PA.
What the proposals cover
- Public sector ban: Central government departments, local councils, health services and other public organisations would be barred from handing over money to hackers, removing a key avenue for extortion.
- Critical infrastructure ban: Operators of energy networks, water utilities, transport systems and other essential services would face the same prohibition, aimed at preventing disruptions that can threaten public safety.
- Private-sector notification rule: Businesses outside the ban would be legally required to inform the government if they plan to pay a ransom, giving security agencies real-time insight into attacks and payments.
- Mandatory incident reporting: Any organisation targeted by ransomware would have to report the breach to authorities, filling gaps that currently leave many incidents hidden from regulators, customers and investors.
Why ministers say action is needed
- Rising attack volume: The UK and its allies record thousands of significant cyber incidents annually, with hostile states and organised crime both active.
- High-profile breaches: Recent attacks on Marks & Spencer, the Co-op and Harrods, plus the discovery that Chinese actors exploited a vulnerability in Microsoft SharePoint to hit corporations and agencies, underline the threat.
- Payment fuels crime: Officials argue that every ransom paid funds further hacking, making curbs essential to “deter and disincentivise” criminals.
Jarvis insisted the measures will ensure hackers “face the full weight of UK law whether they are operating from Russia or anywhere else”. He added that removing the option to pay will make British targets less attractive.
Business reaction and next steps
Retailer Marks & Spencer, which suffered a cyber incident this year, recently urged MPs to require compulsory breach disclosure, claiming two large hacks had gone unreported. Industry groups are expected to scrutinise the proposals, warning that outright bans could leave some organisations with no quick route to restore operations.
The Home Office will consult on the draft legislation in the coming months, with final wording expected in a broader cyber security bill later this year. If passed, the rules would place the UK among the first nations to restrict ransom payments in both public and strategic private sectors.
