Jamie MacColl reacts to UK Government measures to tackle the threat of ransomware

'I remain sceptical that the partial ransom payment ban for the public sector and critical national infrastructure is going to have the desired effect and make the UK a less attractive target for cybercriminals. Ransomware, as the NCA and NCSC’s own whitepaper on ransomware makes clear, is a largely an opportunistic crime and most cybercriminals are not discerning. Ransomware threat actors are unlikely to develop a rigorous understanding of UK legislation or how we designate our critical national infrastructure. Given that, I can’t see most cybercriminals taking a limited UK payment ban into account for their operating models. This risks making ransomware recovery harder for UK critical national infrastructure operators without reducing the likelihood they’ll be victimised in first place.'

'While the proposal to require reporting for ransomware incidents and payments would be a positive move, there are a lot of open questions about how the mechanism will work and what law enforcement will do with the data. If the NCA is going to be receiving more information and intelligence reports, then it’s important it receives a significant increase in funding. Without that, we will just end up in a situation where law enforcement is unable to process and exploit the additional intelligence it receives. I haven’t seen any indication that the National Cyber Crime Unit in the NCA will receive additional resources.'