27.01.25

Government Considers Ban on Ransomware Payments in “World-leading” Proposals

The UK government is consulting on new “world-leading” ransomware proposals, including a ban on specific organisations making ransomware payments, to tackle the growing threat of cyber-crime.

Ransomware is an acute threat to most businesses. According to the government, an estimated $1 billion flowed to ransomware criminals across the globe in 2023. Along with the financial and operational risks associated with cyber-breaches, ransomware attacks threaten national security and critical infrastructure.

“Driving down cyber-crime is central to this government’s missions to reduce crime, deliver growth and keep the British people safe,” said Minister of State for Security Dan Jarvis.

The Government’s Proposals Explained

Ransomware attacks entail a cyber-criminal compromising a device or server with malware and demanding a large payment, typically in cryptocurrency, to restore the technology and any stored data. Russian-affiliated criminal gangs, or those from former Soviet states, carry out many of the ransomware attacks. According to the National Cyber Security Centre’s Annual Review 2024, ransomware attacks are the most immediate and disruptive threat to the UK’s critical national infrastructure, including energy and transport networks.

The government’s new proposals are designed to “[hit] these criminal networks in their wallets and [cut] off the key financial pipeline they rely upon to operate,” said Jarvis.

The three proposals are as follows:

  1. Expand the existing ban on ransomware payments to include additional organisations. Currently, only government departments are banned from making ransomware payments. Under the new proposals, all public sector bodies and operators of critical national infrastructure will be prohibited from making ransomware payments, including schools, local councils and the NHS.
  2. Enhance measures to prevent ransomware payments. The government plans to arm the National Crime Agency with an increased awareness of live attacks and criminal ransom demands. In addition, the government will require organisations not covered by the ban to report their intention to pay a ransom, which will be assessed and could be blocked if it involves known criminal groups.
  3. Mandate the reporting of ransomware incidents. Ransomware victims will be required to report the incident within a mandatory period, aiding UK law enforcement agencies’ intelligence efforts.

Next Steps

The consultation marks the government’s intention to protect the UK from the damaging effects of ransomware attacks. In addition to staying abreast of regulatory changes, organisations should scrutinise their cyber-defences and consider robust cyber-insurance to mitigate the impact of ransomware and other cyber-crime.

Visit the government website for further details of the government’s consultation.

Contact us today for additional risk management guidance and insurance solutions.

The cyber-threat information is provided by Zywave and contributed by Lisa Langley, Cert CII, Team Leader, Professional Risks, Cox Mahon Ltd.

Contains public sector information published by GOV.UK and licensed under the Open Government Licence v3.0.
The content of this publication is of general interest and is not intended to apply to specific circumstances or jurisdiction. It does not purport to be a comprehensive analysis of all matters relevant to its subject matter. The content should not, therefore, be regarded as constituting legal advice and not be relied upon as such. In relation to any particular problem which they may have, readers are advised to seek specific advice from their own legal counsel. Further, the law may have changed since first publication and the reader is cautioned accordingly. © 2025 Zywave, Inc. All rights reserved.