UK government wants ransomware victims to report cyberattacks so it can disrupt the hackers

The U.K. government is pushing for a significant policy shift aimed at tackling ransomware attacks by mandating that victims report breaches. This initiative, revealed by the Home Office on Tuesday, is designed to arm law enforcement with crucial information to target the cybercriminals behind these attacks. Among the three principal proposals outlined, the reporting requirement stands out as a strategic effort to help authorities identify and dismantle hacking operations. The proposal emphasizes that mandatory reporting will provide law enforcement with vital intelligence, enabling them to pursue and disrupt criminal activities more effectively, while also improving support systems for victims. Additionally, the proposal includes a controversial ban on ransom payments for public sector and critical infrastructure organizations. It would also require other victim organizations to notify the government if they intend to pay a ransom. Experts in the field have responded positively to these proposals, particularly the emphasis on aiding law enforcement in their efforts. Allan Liska, a ransomware expert from Recorded Future, noted the acknowledgment that ransomware operations extend beyond just Russia, emphasizing that many offenders are indeed apprehendable and prosecutable. He remarked, "I think it’s super important." Arda Büyükkaya, a senior cyber threat intelligence analyst at EclecticIQ, also praised the move as a step towards formalizing these efforts, stating that while the exact execution remains uncertain, the aims of banning ransom payments and actively pursuing culprits serve as a strong deterrent against cyber threats. This announcement marks the latest development in a policy consultation process that began in January, where the Home Office initially presented these key changes. While the government’s response is a step toward potential legal amendments, the future of these proposals in legislation remains uncertain. The idea of banning ransom payments is contentious; while some view it as a necessary measure to curb criminal enterprises profiting from cyber extortion, others argue that in certain critical sectors, such as healthcare, paying a ransom may be the only viable option to restore operations and protect public safety. Earlier this year, Australia introduced a law requiring victims to disclose ransom payments, stopping short of an outright ban.