UK businesses warned not to capitulate to ransomware demands

Businesses are being urged not to pay cyber criminals, as authorities say they are seeing evidence of a rise in ransomware payments.

In a joint letter to the UK Law Society, the UK National Cyber Security Centre (NCSC) and the Information Commissioner’s Office have warned solicitors who may have been advising their clients to pay.

The joint letter states that while ransomware payments are “not unusually unlawful” those who pay them “should be mindful of how relevant sanctions regimes (particularly those related to Russia)” are when considering making the payment.

As the NCSC warns: “Even if you pay the ransom, there is no guarantee that you will get access to your computer, or your files.”

The warning follows a similar one earlier this year cyber security experts from the UK, US, and Australia which advised = of a “growing wave of increasingly sophisticated ransomware attacks” which could have “devastating consequences”.

Despite the continuing Russian war in Ukraine, the NCSC said it has not detected any increase in hostile activity targeting Britain during the conflict.

Businesses however had been warned that there is a heightened threat level when it comes to cyber-attacks due to the conflict which is likely to be here “for the long-haul”.

NCSC’s chief executive, Lindy Cameron, has previously stated that ransomware “remains the biggest online threat to the UK and we do not encourage or condone paying ransom demands to criminal organisations”.

“Unfortunately we have seen a recent rise in payments to ransomware criminals and the legal sector has a vital role to play in helping reverse that trend. Cyber security is a collective effort and we urge the legal sector to work with us as we continue our efforts to fight ransomware and keep the UK safe online.”

She added that the NCSC expects ransomware will continue to be an attractive route for criminals as long as organisations remain vulnerable and continue to pay.