Your Guide to The UK Government’s Plan to Ban Ransomware Payments in the Public Sector
Written by: Rob Stevenson, Founder
The UK government has proposed a new plan to crack down on ransomware attacks targeting public sector organisations.
Right now, paying ransomware gangs is discouraged by the National Cyber Security Centre but it isn’t illegal—unless the money is going to sanctioned groups or those linked to terrorism.
The suggested ban, put forward by the Home Office, would build on an existing ban that stops government departments from paying ransom demands to hackers – expanding it to protect other at-risk public institutions like the NHS, local councils, and schools.
So, what can you expect if the new plan goes through? This guide will take a closer look at the 3 main proposals of the new strategy and its potential impact to keep you in the loop.
The rise of ransomware attacks on public sector organisations
Public sector organisations in the UK—including councils, schools, and the NHS—are increasingly at risk for ransomware attacks.
In 2017, the NHS was hit by a large-scale phishing attack called “WannaCry”, affecting many hospitals and healthcare organisations nationwide.
But how was such a large organisation brought to its knees by an attack like this? It began when cyber criminals sent fake emails to NHS staff, making them look like they were from trusted sources.
These emails tricked employees into handing over their login details, which were then used to gain access to personal patient data.
This cyber attack caused a lot of problems—disrupting patient care, delaying treatments, and damaging people’s trust in the NHS’s ability to protect their sensitive info.
Although the NHS didn’t pay the hackers and recovered from the attack fairly quickly, smaller ransomware victims – like schools – often feel the impact of these attacks much more deeply.
Look at it this way: Many schools are already stretched thin with tight budgets and are just trying to keep things running day-to-day. They can’t afford to pay ransom fees to cyber criminals or deal with the huge financial strain that comes with recovering from an attack. But without better governmental protection, many schools might not know they have a choice.
Key proposals of the ban on ransomware payments
The Home Office-led consultation will consider 3 proposals:
1. Banning ransomware payments in the public sector
The first proposal is to ban public sector organisations from paying ransom to hackers. The idea is simple: if these organisations aren’t allowed to pay ransoms, hackers will be less likely to target them.
This also helps protect public resources, making sure taxpayer money isn’t used to fund criminal interests. By blocking that flow of cash, the government hopes to make essential services more secure and harder for attackers to disrupt.
2. Blocking payments with NCA oversight
The second proposal takes a bigger swing at stopping money from flowing into the hands of ransomware attackers. It would give the National Crime Agency (NCA) more power to monitor incidents in real time, tracking ransomware attacks as they happen and guiding victims on which steps to take next.
The NCA would also have the authority to block payments heading to known criminal groups or those on sanctions lists.
Cutting off this access to cash makes it much harder for criminals to keep their operations running. This strategy hits cybercrime where it hurts—the wallet—helping to reduce the number of ransomware attacks over time.
3. Mandatory reporting of ransomware incidents
The third proposal would make it a requirement for organisations to report ransomware attacks that target them.
Why is this important? Because these incidents tend to fly under the radar. Mandatory reporting would bring them to light, and the more we know about these attacks, the easier it’ll be for law enforcement to understand what they are up against.
With real data at their disposal, law enforcement can not only go after hackers as attacks arise, but also track trends and warn others about emerging threats.
What we know about the Australian Security Bill
The UK’s new plan to ban ransomware payments is based on Australia’s Privacy and Other Legislation Amendment Bill, which passed in November 2024.
The bill requires businesses to report any ransom payments to the government. Like the UK, Australia took this step because of the growing number of successful ransomware attacks, including attacks on big companies like Optus and Medibank.
In addition, the bill includes rules to improve smart device security, like banning default passwords. These rules are similar to UK and EU laws, like the UK’s Product Security and Telecommunications Infrastructure Act. Australia also plans to set up a Cyber Incident Review Board to keep an eye on large-scale cyberattacks moving forward.
BackupVault: Supporting the future of ransomware protection
BackupVault fully supports the UK government’s plans to ban ransom payments in the public sector. We understand that ransomware attacks are a serious threat, and we believe this change will help protect the public sector from costly disruptions while encouraging better security practices across the board.
How we help organisations protect themselves:
- Up-to-date antivirus/EDR and security systems: BackupVault works with the latest antivirus and endpoint detection and response (EDR) systems to help guard against emerging ransomware threats.
- Daily offsite backups: BackupVault provides daily backups of your data to a secure offsite cloud location, keeping your data protected and making sure it’s recoverable in the event of a ransomware attack.
- Immutable backups: BackupVault uses immutable backup technology, meaning your backups cannot be altered or infected by ransomware, ensuring that your data stays safe even during an attack.
Start your 14-day free BackupVault trial today or get in touch with our team for more information.