
Majority of UK Business Leaders Prepared to Face Potential Legal Consequences for Payment of Ransoms

Targeting a ransom payment ban is admirable... until one becomes the victim of such an attack...


The UK government has proposed a ban on ransom payments for public sector bodies and operators of critical national infrastructure, in a move aimed at combating the growing threat of ransomware attacks.

According to a recent survey, 94% of business leaders support this limitation for public bodies, and an impressive 99% support it for private organizations. The survey also revealed that 96% of UK business leaders believe payments should be banned across both sectors.

Implications for Public Sector Bodies

The ban, if enforced, could have significant implications for public sector bodies. They would be required to report any intent to pay a ransom to the government, which would then inform them whether or not they'd be breaking the law by sending money to sanctioned cyber criminal groups, many of which are based in Russia.

Implications for Private Sector Firms

For private sector firms, the situation is more complex. While the government's proposals place certain constraints on ransom payments, a total ban for the private sector is not yet confirmed. However, if extended, private firms would face significant challenges in recovering from ransomware attacks, as they would be legally restricted or pressured against paying ransoms to regain access to encrypted data or systems.

Potential Challenges and Solutions

If the ban is imposed, private sector firms would need to adopt alternative measures to recover from ransomware attacks. These could include strengthening cyber resilience, investing in reliable and tested backup and recovery solutions, engaging with government advisory bodies and services, and collaborating within the private sector to share cyber intelligence and best practices.

A well-enforced ban could help take the profit out of ransomware, but it must be matched by greater investment in prevention, detection, and recovery-testing. This is crucial to ensure that firms are not only compliant but also resilient against these attacks.

Public Opinion and Compliance

Despite the support for the ban, a 2025 survey found that 75% of UK businesses would break a ransomware payment ban to save their company, indicating practical challenges in enforcing such a ban without strong alternative support and resilience frameworks.

Expert Opinion

Darren Thomson, field CTO EMEAI at Commvault, stated that paying a ransom rarely guarantees recovery and often increases the likelihood of being targeted again. Jane Frankland, CEO of security training firm Knewstart, concurred, stating that ransomware and cyber attacks will be a concern for a long time.


  1. To effectively deal with the challenges posed by ransomware attacks, public sector bodies and private organizations might need to invest in infrastructure enhancements, specifically in cybersecurity technology, to strengthen their resilience when an attack occurs.
  2. Given the potential for severe consequences if a ransomware payment ban is enforced, and the fact that 75% of UK businesses would still pay ransoms despite the ban, it's essential for both sectors to focus on enhancing their cybersecurity measures, both in terms of technology and strategy, as an alternative approach to combat ransomware attacks.
