Block the payout, brace for impact: navigating the potential ransomware payment ban – 1v1 Video Chat & LIve Streaming & Influencer Subscription

By Crystal Morin

Tech Radar Pro

Tech Radar Gaming

Tech Radar Pro

TechRadar the business technology experts

Search TechRadar

View Profile

België (Nederlands)

Deutschland

North America

US (English)

Australasia

New Zealand

Expert Insights

Website builders

Web hosting

Amazon Prime Day deals
Best web hosting
Best office chairs
Best website builder
Best antivirus
Expert Insights

You may like

The government’s ransomware payment ban: what are the wider implications?

Ransomware attacks can’t be eliminated, but collaboration can increase resilience

How emerging ransomware trends can help inform payment decisions

Where it concerns a CNI victim, there may be lives at risk. The easiest example is a hospital. Imagine your local hospital falls victim of a targeted ransomware attack and all of the internet-connected devices within the facility cannot properly function to sustain the lives of those inside. Or perhaps a water supply or electricity facility that provides service to the hospital is targeted.

These ransomware attacks would also impact the hospital and people’s lives. In the heat of the moment, those ransomware payments can be used to quickly calm the panic and return to normal, recovering bricked systems and getting critical services up and running.

Crystal Morin
Social Links Navigation

Cybersecurity Strategist at Sysdig.
The potential impact of a ban
To put it bluntly, banning ransomware payments will not solve the problem. A total ban will make it much harder for some public sector organizations when the situation arises – and unfortunately, it will arise. As we covered, healthcare providers, for example, would be hugely affected. In my opinion, the onus should be on the victim organization to decide on whether to make a ransomware payment, especially when lives are on the line. Only those that are directly affected have enough insight and context to weigh this kind of decision based on the risks and impacts of whether or not the payment is made.
If the UK does decide to implement a full ban on payments, there will be even more pressure on public sector organizations to ensure their business continuity plans are sufficient enough to protect and recover their data following a ransomware attack. Inevitably, it will lead to a new regulation, mandating and checking that all organizations from large central bodies to small niche concerns and tertiary partnerships and shared services are all in adherence.
Presumably, each of these organizations already have their own technology investments and continuity plans in place, but to align with a ransomware payment ban and potential regulatory security requirements, they would have to make changes.
The time to plan for ransomware response is, of course, before an incident happens. So adequate continuity and data protection policies can be level-headedly implemented, scaled and – most importantly – tested. This planning phase, on a grander scale, would include making more resources available to help public sector organizations ensure they are resilient and that their backup plans work effectively.
Adopting a “center of excellence” approach would help organizations to be better prepared, protect their users, and recover more effectively. If the government were to be so kind as to implement the ban with a loophole, there would also need to be additional support for CNI organizations that must pay the ransom in order to get back to service delivery. Would there then be specific consideration for public-private partnership or outsourcing providers, and whether those private companies would also be covered by the ban?
Between theory and practice
There’s a fine line between preventing ransomware attacks by turning off the financial incentive and only encouraging attackers to change their tactics. Whereas ransomware attacks are currently often public fanfare, they could be forced into secrecy and we could see less intelligence sharing across the cybersecurity community under a ban.
Ransomware remains lucrative for attackers, so it likely won’t go away any time soon. In response, regardless of the ban, organizations have to adopt real-time threat detection and response capabilities to prevent potential attacks on their cloud deployments as quickly as possible. Ultimately, maintaining effective and tested data backups in the event of something going wrong remains a crucial part of the resiliency equation.
Separating systems across different networks or cloud environments also helps to prevent single points of failure that ransomware actors can exploit, reducing the blast radius and hopefully giving you some flexibility and access during an attack.
In a perfect world, organizations should be able to detect a potential attack and shut it down before the ransomware is deployed. This requires preparation and the right processes and security tools. By continuing to stay one step ahead and preventing attacks, we can hopefully argue against and avoid the ransomware payment ban.
We’ve featured the best data loss prevention service.
This article was produced as part of TechRadarPro’s Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

Crystal Morin

Social Links Navigation

Crystal Morin, Cybersecurity Strategist, Sysdig.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.

The government’s ransomware payment ban: what are the wider implications?

Ransomware attacks can’t be eliminated, but collaboration can increase resilience

How emerging ransomware trends can help inform payment decisions

UK Public Sector under fire: the battle against cybercrime

AI is rewriting the ransomware playbook – can businesses keep up?

More than 7 out of 10 businesses worldwide were hit by ransomware in 2024: here’s what you need to know about this epidemic

Latest in Pro

5 ways AI marketing can help drive your ecommerce success

Hacker threatens to leak a rumoured huge cache of stolen Telefónica data

Louis Vuitton says customer data was leaked following cyberattack

Get ahead of third-party risk or wave goodbye to your cyber resilience

Moving past the hype: what does AGI really mean for your business?

Oracle is reportedly giving the US government some major software cloud discounts

Latest in Opinion

Get ahead of third-party risk or wave goodbye to your cyber resilience

Moving past the hype: what does AGI really mean for your business?

Modernizing data center infrastructure: how businesses thrive beyond legacy data centers

The DDoS smoke screen: why restoring uptime may be your first mistake

Yes, there are AirPods Pro 2 deals in the 4th of July sales – but you shouldn’t buy them, here’s why

Europe needs to decouple from Big Tech USA: Here’s 5 ways it can be achieved