NCSC and ICO Solicit End to Rising Tide of Ransomware Payments

The National Cyber Security Centre and Information Commissioner’s Office share joint letter with the Law Society after increases in ransomware payments.

Solicitors are being asked to keep the UK safe by helping to deal with an increase in payments being made to ransomware criminals.

The National Cyber Security Centre (NCSC) and Information Commissioner’s Office (ICO) are asking the Law Society to remind its members about the dangers of making ransomware payments.

Today (8 July), the two organisations emphasised that paying a ransom will not keep data safe or be viewed by the ICO as a mitigation in regulatory action.

Based on the way solicitors work in the UK, asking them to do anything might result in a hefty consulting fee. Some poor soul has to fund their overly expensive tastes.

That said, the NCSC – which is a part of GCHQ – and the ICO are not consumers. They have a bit of clout, and state that in some cases solicitors may have been advising clients to pay, in the belief that it will keep data safe or lead to a lower penalty from the ICO.

NCSC CEO Lindy Cameron says: “Ransomware remains the biggest online threat to the UK.”

  • Menace means money – UK Cybersecurity Sector Secures ‘Record’ Levels of Investment – read the news here

John Edwards, UK Information Commissioner, notes: “Engaging with cyber criminals and paying ransoms only incentivises other criminals and will not guarantee that compromised files are released.”

Edwards, who started his role in January, adds: “We’ve seen cybercrime costing UK firms billions over the last five years. The response to that must be vigilance, good cyber hygiene, including keeping appropriate back up files, and proper staff training to identify and stop attacks. Organisations will get more credit from those arrangements than by paying off the criminals.”

There are a lot of stories to share of late on this theme, but to keep it brief a few examples will suffice.

Earlier this year, the National Cyber Strategy was launched to provide £2.6 billion of new investment and strengthen the UK’s role as a “responsible cyber power”.

As reported in February, the nation’s cybersecurity firms are profiting from these dangerous times with new government data revealing more than £1 billion was secured across 84 deals.

Going back a bit, the NCSC says it removed a “record” number of online scams from the internet last year. It disclosed that more than 2.7 million scam campaigns were stopped in 2021, nearly four times more than in 2020.

Do you want to learn more about cybersecurity? Check out these courses from TechRepublic Academy.

Antony Peyton
Antony Peyton
Antony Peyton is the Editor of eWeek UK. He has 18 years' journalism and writing experience. His career has taken him to China, Japan and the UK - covering tech, fintech and business. Follow on Twitter @TonyFintech.
Get the Free Newsletter
Subscribe to Techrepublic UK for weekly updates from Techrepublic and eWEEK on the latest in UK top tech news, trends & analysis
This email address is invalid.
Get the Free Newsletter
Subscribe to Techrepublic UK for weekly updates from Techrepublic and eWEEK on the latest in UK top tech news, trends & analysis
This email address is invalid.

Popular Articles