fbpx
News Hub

UK and Singapore lead historic no-pay pact against ransomware

Written by Wed 8 Nov 2023

Led by the UK and Singapore, members of the Counter Ransomware Initiative (CRI) have signed a joint statement denouncing ransomware and payments being made to cybercriminals.

Members of the CRI affirmed on 2 November that relevant funds from central government should not be used to pay a ransomware attacker. This is the first international agreement of its kind.

The UK Government said this sends a clear message that the global community strongly opposes ransomware payments and is committed to disrupting organised cybercrime.  

“Crime should not pay. That is why the UK and her allies are demonstrating leadership on cybersecurity by pledging not to pay off criminals when they try and extort the taxpayer using ransomware,” said Tom Tugendhat, Minister for Security.

The CRI is the only international body where the UK and its partners collaborate to establish strong and effective policies and practices for improving the global response to ransomware.

A key ambition of the UK and the CRI’s international partners is to stem the flow of money to cybercriminals. Both the UK and the CRI hope to build collective resilience through international cooperation and engagement.  

“Ransomware poses a significant threat to organisations in the UK and around the world and so international collaboration is essential for bearing down on cybercriminal operations,” said Felicity Oswald, Chief Operating Officer at the National Cyber Security Centre (NCSC).

The joint statement said a ransomware fee only serves to benefit organised criminals and provides an incentive to continue offending. It does not guarantee the release of data or the removal of malware from an affected network.   

The UK Government has had a long-standing policy that it will never meet the demands of ransomware actors. To date, no fee has ever been paid by the central government and this is the first time the position has been publicly confirmed.  

The UK’s cyber resilience is among the strongest in the world and the Government has taken steps to enhance the nation’s defences. This includes the NCSC online ransomware hub, which provides expert information and practical advice for organisations.   

The UK also works with international partners to target and disrupt cybercriminals. This includes two comprehensive sanctions packages which were issued in unison with the United States.


Hungry for more tech news?

Sign up for your weekly tech briefings!

Written by Wed 8 Nov 2023

Send us a correction Send us a news tip