
NCSC and ICO chiefs plead with lawyers to stop making ransomware payments

The two UK authorities say misconceptions around ICO fines are jeopardising the integrity of UK cyber security, in a direct appeal to the Law Society

Leaders from the Information Commissioner’s Office (ICO) and National Cyber Security Centre (NCSC) have called on lawyers in England and Wales to stop their clients from paying ransomware gangs after being attacked.

The NCSC said it's seeing a rise in businesses choosing to pay the demands made by the ransomware operators, but argues that paying these groups only incentivises further attacks and directly funds future criminal endeavours.

The NCSC and ICO wrote to the Law Society for assistance in sharing “some key messages” after they became aware of a growing misconception that paying ransomware gangs to protect data may lead to less harsh penalties imposed on the company by the ICO.

“We would like to be clear that this is not the case,” the letter read. “Law Enforcement does not encourage, endorse nor condone the payment of ransoms.

“While payments are not usually unlawful, payers should be mindful of how relevant sanctions regimes (particularly those related to Russia) – and their associated public guidance – may change that position. More importantly, payment incentivises further harmful behaviour by malicious actors and does not guarantee decryption of networks or return of stolen data.”

The Law Society was also asked to remind lawyers the ICO takes into account the degree to which a given business has taken precautions and implemented measures to mitigate the threat of a ransomware attack when deciding on post-attack penalties.


It said it does not consider paying cyber criminals, in the belief that a business's data would be more secure as a result, to be a satisfactory business strategy for preventing attacks.

Measures the ICO recognises include actionable changes made after analysing an attack and learning from it, timely reporting to the relevant authorities, and a demonstration that the NCSC’s and ICO’s guidance on cyber attacks has been considered.

“Ransomware remains the biggest online threat to the UK and we are clear that organisations should not pay ransom demands,” said Lindy Cameron, CEO of the NCSC.

“Unfortunately we have seen a recent rise in payments to ransomware criminals and the legal sector has a vital role to play in helping reverse that trend.

“Cyber security is a collective effort and we urge the legal sector to help us tackle ransomware and keep the UK safe online.”

The joint letter highlighted the information available to businesses from both the NCSC and ICO, and requested a meeting to discuss the matter further with a view to ensuring there is a strong understanding of the criminal landscape involved with ransomware.

Lawyers are advised to point their clients towards the publicly available advice and make any necessary changes to their cyber strategy to protect the UK online.
