UK among countries to sign ransomware payments agreement
A group of more than 40 countries have signed an agreement pledging not to use central government funds to pay ransoms to cyber criminals.
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.The UK is among more than 40 countries to have signed a pledge agreeing that central government funds should not be used to pay ransomware demands to cyber criminals.
A joint statement from the Counter Ransomware Initiative (CRI) said the countries āwould lead by exampleā by not paying ransomware demands and āstrongly discourage anyoneā from doing so.
The UKās National Cyber Security Centre (NCSC) has always advised businesses and individuals to never pay ransomware demands, and it has been long-standing Government policy to not do so.
The agreement has also been signed by countries including the US, Australia, Canada, France, Germany, Japan and South Korea, as well as Interpol.
Security minister Tom Tugendhat said the agreement would help set a new āglobal normā.
āCrime shouldnāt pay. Thatās why the UK and her allies are demonstrating leadership on cybersecurity by pledging not to pay off criminals when they try and extort the taxpayer using ransomware,ā he said.
āThis pledge is an important step forward in our efforts to disrupt highly organised and sophisticated cyber criminals, and sets a new global norm that will help disrupt their business models and deter them from targeting our country.ā
Ransomware is a type of malicious software used by cyber criminals which often encrypts or steals data once it has gained access to a computer system.
Ransomware poses a significant threat to organisations in the UK and around the world and so international collaboration is essential for bearing down on cyber-criminal operations
The victim is then told to pay a large fee ā often in cryptocurrency, which is harder to trace ā in order to get their files back.
However, cybersecurity experts, including those at the NCSC, argue that paying a fee only benefits the criminals as it provides an incentive to continue offending and it does not guarantee the release of the affected data ā a stance the CRI has now publicly backed in the agreement.
NCSC chief operating officer Felicity Oswald said: āRansomware poses a significant threat to organisations in the UK and around the world and so international collaboration is essential for bearing down on cyber-criminal operations.
āThe joint statement today demonstrates that the UK and a like-minded community of countries do not support payment of online criminals as we know this only makes the threat landscape worse for everyone.
āMany ransomware incidents can be prevented by ensuring that appropriate security measures are in place. We strongly encourage organisations to follow NCSC advice to effectively mitigate the risks and help protect themselves online.ā