UK Plans To Ban Public Sector Organizations From Paying Ransomware Hackers

U.K. public sector and critical infrastructure organizations could be banned from making ransom payments under new proposals from the U.K. government. The U.K.’s Home Office launched a consultation on Tuesday that proposes a “targeted ban” on ransomware payments. Under the proposal, public sector bodies — including local councils, schools, and NHS trusts — would be banned from making payments to ransomware hackers, which the government says would “strike at the heart of the cybercriminal business model.”

This government proposal comes after a wave of cyberattacks targeting the U.K. public sector. The NHS last year declared a “critical” incident following a cyberattack on pathology lab provider Synnovis, which led to a massive data breach of sensitive patient data and months of disruption, including canceled operations and the diversion of emergency patients. According to new data seen by Bloomberg, the cyberattack on Synnovis resulted in harm to dozens of patients, leading to long-term or permanent damage to their health in at least two cases.