The British government has announced plans to move forward with a law that would bar public organizations from paying off ransomware attackers. The proposed legislation would add schools, town councils, National Health Service (NHS) hospitals and critical infrastructure managers to a ban which already applies to the national government.
The logic behind banning payments is simple. If cybercriminals know a ransomware attack against a UK school or hospital won't get them paid, they'll look somewhere else for a more lucrative target. Security Minister Dan Jarvis said that the government is "determined to smash the cyber criminal business model," and added that laws in the proposed package will require even private businesses to seek guidance from the government before paying a ransom.
Since the WannaCry attack on the NHS in 2017 launched the modern era of ransomware attacks, the UK has suffered a number of serious incidents. In the last two years alone, attacks have hit the British Library, the BBC and the Ministry of Defence. This may explain why, according to the government's announcement, "nearly three quarters" of public comments on the ban legislation were supportive.
Although bans on ransom payments are a popular solution to the ever-increasing scourge of ransomware, there's currently not much data on whether they work. Two US states, North Carolina and Florida, have enacted similar bans, but it's hard to say what impact they've had. Critics argue that some organizations, especially hospitals, can't afford the long-term disruption of leaving the ransom unpaid, and may choose to pay in unaccountable ways. Furthermore, some hacking groups have aims other than money, and may continue ransomware attacks to sow political chaos.
The UK is moving into uncharted territory as the first nation to pass a ransomware payment ban. We'll be interested to see whether it helps get attacks under control. Either way, the outcome is likely to inform how other countries respond to the continuing threat of cybercrime.
This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/new-uk-law-would-ban-ransomware-payments-by-publicly-funded-orgs-210851334.html?src=rss https://www.engadget.com/cybersecurity/new-uk-law-would-ban-ransomware-payments-by-publicly-funded-orgs-210851334.html?src=rssConnectez-vous pour ajouter un commentaire
Autres messages de ce groupe
Amazon's latest move in the AI space is an acquisition. The company is purchasing a startup called Bee, which makes a wearable and an Apple Watch app that can record everything the wearer says. Ama
Welcome to Video Games Weekly on Engadget. Expect a new story every Monday or Tuesday, broken into two parts. The first is a space for short essays and ramblings about video game trends and rel
Lucid EV owners will soon have full
Switch 2 owners won't have long to wait for
