The UK government has revealed new cybersecurity protocols aimed at preventing public sector and essential national infrastructure organizations from executing ransomware payments to cybercriminals. This initiative seeks to safeguard entities such as the National Health Service (NHS), local government councils, and educational institutions. As reported in a blog post by the UK Home Office, nearly three-quarters of those polled are in favor of this initiative. The regulations will mandate that businesses alert the government prior to making any ransomware payments, assisting in the prevention of payments to sanctioned gangs in nations like Russia.

Ransomware continues to pose a major threat, with recent attacks on the cryptocurrency platform Coinbase and the NHS showcasing its effects. In the Coinbase case, hackers sought $20 million after breaching data from 70,000 customers. Rather than complying with the ransom, Coinbase proposed a $20 million reward for capturing the hackers and promised to indemnify user losses.

In the United States, firms are required to report ransomware events due to federal and state regulations. Nonetheless, only North Carolina has enacted a law that bans payments to ransomware groups, and this applies solely to state agencies and local governments. The UK’s new protocols may indicate a shift in the approach to ransomware payments, tackling an international issue for governments and businesses alike.