The U.K. government is moving toward requiring victims of ransomware attacks to report breaches. This measure aims to provide law enforcement with crucial information that could help identify and target the cybercriminals behind these attacks. On Tuesday, the Home Office, the U.K.’s interior ministry, published a proposal outlining a shift in the British government’s approach to combating ransomware.
One of the three key proposals is a mandatory reporting requirement. This would enable authorities to gather essential intelligence needed to disrupt hacking operations and support victims more effectively. The proposal states that mandatory reporting “would equip law enforcement with essential intelligence to hunt down perpetrators and disrupt their activities.”
In addition to the reporting mandate, the U.K. government is proposing two other major changes. First, there would be a ban on paying ransomware demands for public sector and critical infrastructure organizations. Second, other types of organizations would be required to notify the government if they intend to pay a ransom.
Cybersecurity experts have praised these proposals, particularly for their focus on empowering law enforcement. Allan Liska, a threat intelligence analyst and ransomware expert at Recorded Future, commented that the proposals reflect a key truth: ransomware operators and their accomplices are not limited to Russia, and many are within reach of prosecution. He emphasized that this recognition is very important in the fight against cybercrime.
Arda Büyükkaya, a senior cyber threat intelligence analyst at EclecticIQ, also welcomed the proposals, noting that making these measures official sends a strong message. While it remains to be seen how the plans will be implemented, Büyükkaya sees banning ransom payments and pursuing perpetrators as effective deterrents that impose real costs on cybercriminals.
Tuesday’s announcement is part of an ongoing policy consultation process that began in January, when the Home Office first introduced the three key proposals. The government’s response is a significant step toward amending current law, although it is still uncertain whether these proposals will ultimately become legislation.
The idea of banning ransom payments is controversial. Supporters argue it would cut off profits to criminal gangs and reduce the incentive for attacks. However, critics point out that sometimes paying a ransom is the only viable option to restore critical systems and avoid severe harm, especially in crucial sectors like healthcare where downtime can endanger patients’ lives. Earlier this year, Australia passed a law requiring ransomware victims to disclose ransom payments, stopping short of an outright ban.
Overall, the U.K.’s proposed ransomware measures aim to strengthen law enforcement’s ability to combat cybercrime while protecting victims and critical services. As the policy consultation continues, many in the cybersecurity community will be watching closely to see how these proposals evolve.