UK sticks it to cybercriminals with ban on ransomware payments
You heard the sentence: “We do not negotiate with terrorists.” Well, the British government seems to have a similar approach in mind to deal with cybercriminals.
Today, the British government has announced that it would introduce new cybersecurity measures to prohibit the public sector and critical national infrastructure organizations to make ransomware payments to cybercriminals.
In ransomware attacks, cybercriminals fly data or take control of critical technological infrastructure, then require ransom payments to restore access.
A blog article published today by the UK Home Office indicates that the new Ransomware rule will affect the National Health Service (NHS) in the country, local governments and schools. The British government said almost three -quarters of those questioned about the measure supported this proposal.
Mashable lighting speed
The new cybersecurity rules are designed to protect both public organizations and private companies. According to Bleeping Computer, the measure will also force companies to inform the government before making ransomware payments. This would allow the government to prevent payments from cybercriminal gangs sanctioned in countries like Russia.
Ransomware is a threat of persistent cybersecurity, and the recent ransomware attack for the exchange of Coinbase cryptocurrency obtained a place in our guide to the biggest data violations of the year. In the United Kingdom, cybercriminals also attacked the NHS and, more recently, the retail company Marks & Spencer.
In the Violation of Coinbase, the hackers held hostage data of nearly 70,000 Coinbase customers and asked for $ 20 million to restore access to compromised customer support systems. By refusing to pay the ransom, Coinbase rather established a reward of $ 20 million to bring the criminals responsible for the legal attack and promised to cover financial losses to their users.
In the United States, companies are faced with federal and state regulations that force them to report ransomware incidents. However, according to the National Conference of States Legislatures, North Carolina is the only state to have legislation that prohibits payments to ransomware groups. In addition, this law only applies to state agencies and local governments.
The new rules of the United Kingdom could be the start of a new approach to ransomware payments, an international problem for governments and businesses.
