23 April 2025

Assessing UK Ransomware Policy: Workshop Report

Jamie MacColl, Dr Gareth Mott and Jen Ellis

Introduction

Over the past several years, ransomware attacks have become a persistent national security threat. Attacks against hospitals, schools and businesses of all shapes and sizes have normalised what should be intolerable: organised cybercriminals regularly disrupting and extorting victims, causing misery in the process and undermining the UK economy and society.1

Despite some operational success and increased international collaboration against ransomware criminals, significant policy interventions have not been forthcoming. The UK government, like many other national governments, has received criticism for its lack of progress on ransomware. In December 2023, for instance, the parliamentary Joint Committee on the National Security Strategy published a report that argued: ‘If the UK is to avoid being held hostage to fortune, it is vital that ransomware becomes a more pressing political priority, and that more resources are devoted to tackling this pernicious threat to the UK’s national security.’2 Much of this criticism has been directed towards the Home Office, which is the lead department for the government’s counter-ransomware strategy.3

After several years of development, the UK government has launched a consultation on a set of legislative proposals that aim to reduce the impact of ransomware on the UK and increase the amount of intelligence available to operational agencies on incidents and payments. The consultation has three main proposals:4
