© 2026 CoolTechZone - Latest tech news,
product reviews, and analyses.

The UK wants to prohibit public sector bodies from paying ransom after a ransomware attack


If it were up to the government, public sector bodies and operators of critical national infrastructure in the United Kingdom would no longer be allowed to pay ransom to cybercriminals when they’ve become the victim of a ransomware attack.

Ransomware is estimated to cost the UK economy millions of pounds each year. In addition, the malicious software can severely cripple British society, especially when vital services are being targeted, such as banks and internet providers. Worst-case scenario, it could jeopardize human lives, for example, when a hospital falls victim to a ransomware attack.

Therefore, the government wants to implement measures to address the threat of ransomware and safeguard businesses, as well as critical services, such as the National Health Service (NHS), local councils, and schools.

The most far-reaching proposal is that these institutions are banned from paying ransom demands to criminals. According to a public consultation, three-quarters of respondents are in favor of this proposal.

“The ban would target the business model that fuels cyber criminals’ activities and makes the vital services the public rely on a less attractive target for ransomware groups,” the government says in a statement.

Businesses not covered by the ban would be required to notify the government of any intent to pay a ransom. The government could then provide those businesses with advice and support.

Additionally, the government is working on mandatory reporting. This could equip law enforcement authorities with essential intelligence to hunt down perpetrators and disrupt their activities.

While the proposed measures are being implemented, the government continues to urge organizations to strengthen their digital security and resilience, such as having offline backups, tested plans to operate without IT for an extended period, and a well-rehearsed strategy for restoring systems from backups.

“Ransomware is a predatory crime that puts the public at risk, wrecks livelihoods, and threatens the services we depend on. That’s why we’re determined to smash the cyber criminal business model and protect the services we all rely on,” Dan Jarvis, Minister of State for Security, says in a response.

The proposed package deal is part of the government’s Plan for Change to defend businesses, services, and infrastructure against cyber threats to better protect the public.