Security Minister Dan Jarvis emphasized the government's commitment to reducing cybercrime and enhancing national security by cutting off funding to cybercriminals.

The UK Government has introduced a proposal aimed at banning ransomware payments for public sector bodies and critical national infrastructure, following a series of damaging cyberattacks.

This initiative responds to significant incidents, notably a ransomware attack on the NHS and pathology lab provider Synnovis, which led to data breaches and patient harm.

The Synnovis attack disrupted operations at several London hospitals, resulting in the cancellation of over 800 planned surgeries and 700 outpatient appointments.

To further combat cybercrime, the Home Office launched a consultation on January 15, 2025, aimed at protecting essential services like hospitals and railways from ransomware threats.

The UK's National Cyber Security Centre (NCSC) supports this consultation, highlighting the need for organizations to bolster their defenses against ransomware attacks.

NCA Deputy Director Paul Foster has identified ransomware as the leading cybercrime threat, causing significant financial losses and operational disruptions.

The proposal seeks to disrupt the financial incentives that sustain the cybercriminal business model, aiming to make essential services less attractive targets.

The consultation period for these proposals will conclude in April 2025, but there is no guarantee that they will be enacted into law.

While UK authorities discourage ransom payments, they remain legal unless directed to known terrorist organizations, highlighting the complexity of the issue.

Ultimately, these proposals reflect a broader strategy to enhance cyber resilience across the UK's critical infrastructure and public services.

Proposed measures include a payment prevention regime and mandatory reporting of ransomware incidents to improve intelligence for law enforcement.