U.K. to ban ransomware payments by public sector and critical infrastructure operators

07/26/2025 / By Laura Harris

The U.K. government is advancing plans to ban ransomware payments across the public sector and critical national infrastructure, such as the NHS, local councils and energy providers, expanding an existing ban on government departments.
Despite a 35 percent decline in ransomware attacks in 2024, the National Cyber Security Centre warns the threat remains serious, citing recent attacks on Synnovis and the British Library as examples of ongoing disruption.
The proposal includes a mandatory reporting system requiring victims to report ransomware incidents within 72 hours, as well as a potential prevention regime requiring non-covered entities to notify authorities if they intend to pay a ransom.
Nearly 75 percent of respondents to a public consultation supported the ban and 63 percent backed mandatory reporting. However, opinions were divided on the appropriate penalties, with concerns about criminalizing victims.
While penalties for non-compliance received general support, the Home Office is still evaluating whether they should be civil or criminal, aiming to balance enforcement with fairness to affected organizations.

The U.K. government is pushing forward with plans to ban ransomware payments across the public sector and operators of critical national infrastructure.

Ransomware, a malicious software that locks users out of their systems until a ransom (often in cryptocurrency) is paid, remains one of the most disruptive cyber threats facing the United Kingdom. While recent data shows a decline in attacks, the threat persists. Blockchain analytics firm Chainalysis reported a 35 percent drop in ransomware incidents last year compared to 2023. However, the National Cyber Security Center has warned that the threat remains immediate and disruptive.

The Annual Cyber Security Review, released in December 2024, cited several high-profile attacks as examples. A June 2024 ransomware incident targeting pathology lab Synnovis led to delays in elective procedures and outpatient appointments. A separate attack in October 2023 severely compromised the British Library’s digital systems.

Ransomware may have declined in volume, but the financial toll of cybercrime remains significant. A report in June by blockchain security firm CertiK found that wallet compromises and phishing attacks now account for the bulk of crypto-related losses. (Related: Ransomware gang claims responsibility for recent hacking incident against conservative newspaper The Washington Times.)

In line with this, the U.K. government proposed a plan on July 22 that would prohibit organizations such as the National Health Service, local councils and energy providers from paying ransoms to cybercriminals. The move, which follows a public consultation, was built on an existing ban already in place for central government departments.

The proposals include a new threshold-based reporting system. Under this system, any victim of a ransomware attack would be required to file an initial report within 72 hours, including key details of the incident, followed by a more detailed account within 28 days. The Home Office is also considering new requirements for businesses and organizations not covered by the ban. These would include a mandatory “prevention regime” obliging victims to notify the government if they intend to pay a ransom.

“Ransomware preys on businesses and disrupts vital public services like schools and hospitals. We must protect our economy against the criminals who hold organizations to ransom. I’ve announced our plan to target these criminal networks and smash the ransomware operating model,” said U.K. Security Minister Dan Jarvis.

U.K. ransomware payment ban gains broad support, but penalties spark debate

A clear majority supports the proposal to ban ransomware payments across public sector bodies and critical national infrastructure, but opinions are split on whether and how to penalize those who violate the rules. The consultation, which ran from Jan. 14 to April 8, drew 273 responses. Of those, 57 percent came from organizations, 39 percent from individuals and the remaining four percent from other groups.

According to the results, nearly 75 percent of respondents backed the proposed targeted ban, citing the need to curb the profitability of ransomware attacks that continue to disrupt vital public services. The consultation also revealed varying levels of support for related proposals.

A majority of 63 percent backed the introduction of a threshold-based mandatory reporting system. In contrast, only 41 percent supported retaining the current voluntary reporting framework. Opinions were more divided on the proposed prevention regime, with nearly half of respondents expressing support for an economy-wide ransomware payment ban, rather than limiting the measure to specific sectors.

However, views diverged sharply on what enforcement should look like. Respondents generally supported penalties for breaches across all three proposals, including the ransomware payment ban, a prevention regime for non-covered entities and mandatory reporting, but concerns were raised about the risk of “criminalizing victims.” Some respondents questioned whether penalties should be criminal or civil in nature, and warned of unintended consequences for businesses already grappling with cyberattacks.

The Home Office acknowledged the complexity, saying it would “continue to explore the most appropriate and proportionate penalties” in light of the mixed feedback.

Visit CyberWar.news for more similar stories.

Watch the video below that talks about ransomware attacks, where victims are left without water or money access.

This video is from the InfoWarSSideBand channel on Brighteon.com.

U.K. to ban ransomware payments by public sector and critical infrastructure operators

U.K. ransomware payment ban gains broad support, but penalties spark debate

More related stories:

RECENT NEWS & ARTICLES