Written by: Haim Ravia, Dotan Hammer
The UK’s Home Office is seeking input regarding new legislation to address the growing threat of ransomware attacks. The legislation aims to reduce the payouts, improve counterintelligence, and increase awareness.
The consultation includes three proposed options: an outright ban on ransomware payments for public sector bodies and critical national infrastructure operators, a policy requiring ransomware victims to report their intention to pay, and a general mandatory reporting scheme for all ransomware attacks, regardless of payment.
The move by the British government illustrates a global trend to legislate the governmental and private response to ransomware attacks. Recently, Australia enacted a law requiring ransomware payout reports within 72 hours. The Australian law also mandates security standards for internet-connectable products and allows for voluntary information sharing with the Australian National Cyber Security Coordinator concerning significant cyber security incidents.
Click here to access the United Kingdom’s Home Office’s Open Consultation.
