Local councils, schools, and the NHS would fall under the proposed ban. Officials say ransomware costs the UK economy millions each year and that high-profile attacks on essential services have exposed life-threatening risks.
In a statement, the UK government said: “Ransomware is estimated to cost the UK economy millions of pounds each year, with recent high-profile ransomware attacks highlighting the severe operational, financial, and even life-threatening risks.”
“The ban would target the business model that fuels cyber criminals’ activities and makes the vital services the public rely on a less attractive target for ransomware groups.”
Security minister Dan Jarvis added: “We’re determined to smash the cyber criminal business model and protect the services we all rely on as we deliver our Plan for Change. By working in partnership with industry to advance these measures, we are sending a clear signal that the UK is united in the fight against ransomware.”
Private companies won’t escape entirely. Those outside the ban would have to notify the government before paying, to ensure they’re not accidentally wiring money to sanctioned Russian gangs or other dodgy outfits.
A mandatory reporting system is in the works so law enforcement can track attacks more effectively and gather intelligence on the criminals.
The announcement follows a public consultation in January that laid the groundwork for banning ransom payments across public services and critical national infrastructure while forcing better reporting of attacks.
Ransomware remains the top cybercrime threat in the UK, treated as a national security risk by the National Cyber Security Centre and the National Crime Agency.
Recent victims highlight just how messy it gets. The NHS and the British Library have been hammered in the past. In April, Marks & Spencer was hit with a DragonForce ransomware attack that encrypted virtual machines on VMware ESXi hosts, halting online orders and wreaking havoc across its 1,400 stores.
The Co-op admitted another breach where attackers stole member data, while Harrods was forced to restrict network access after a cyber gang tried to sneak in.