Consultation on ransomware: how to reduce payments to criminals

The government is consulting on proposals to reduce the threat posed by the criminal infection of computer systems with malicious 'ransomware' software.

Ransomware is malicious software (malware) that infects a victim’s computer system. A ransomware attack can:

  • prevent the victim from accessing IT systems or severely impair their use
  • facilitate the theft of personal or other sensitive data held on the victim’s networked systems or devices

A ransom is demanded (normally payment of cryptocurrency) from the victim to regain access to the system, for data to be restored or for confidential data not to be published on websites run by criminals.

The Home Office proposes to introduce legislation to counter ransomware and meet three main objectives:

  • to reduce the amount of money flowing to ransomware criminals from the UK, thereby deterring criminals from attacking UK organisations
  • to increase the ability of operational agencies to disrupt and investigate ransomware actors by increasing our intelligence around the ransomware payment landscape
  • to enhance the government’s understanding of the threats in this area to inform future interventions, including through cooperation at international level

They are asking people to respond to the public consultation on behalf of their business or relevant sector.

The consultation closes on 8th April 2025.