Cybersecurity watchdog asks lawyers for help in the fight against ransomware

UK government gives lawyers clear guidance not to pay up to cybercriminals

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Whether or not to pay aransomwaredemand has long been an ongoing conundrum for organizations worldwide, and the UK government has decisively told solicitors to advise their clients not to pay up.

A joint letter from the Information Commissioner Officer (ICO) and the National Cybersecurity Center (NCSC) to the Law Society said ransomware “payment incentivizes further harmful behavior by malicious actors and does not guarantee decryption of networks or return of stolen data”.

In addition, the ICO said it “does not consider the payment of monies to criminals who have attacked a system as mitigating the risk to individuals and this will not reduce any penalties incurred through ICO enforcement action”.

What should I do if I get compromised?

If a ransomware attack does manage to slip through yourantivirus software, instead of immediately opening your coffers and acquiescing to cybercriminals' demands, the ICO encourages you to check out itsupdated ransomware guidanceor to head to the NCSC website’sransomware hub.

You can see why the UK government has decided to give business clarity regarding dealing with ransomware, the method of cyberattack is time and time again proving to be a dangerous threat globally; Costa Rican president Rodrigo Chaves has said his country is “at war” with the Russian-speaking Conti ransomware gang.

The cost of cybercrime is estimated to be in the billions in the UK alone.

The Economic and Social Costs of Crime report estimated an overall cost of £1.1bn from computer misuse incidents against individuals in England and Wales in the 2015/16 financial year.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

However the government in its letter to the Law Society highlight this does not include the cost to businesses that are thought to bear the majority of the cybercrime costs, meaning the actual cost of cybercrime “will be much higher”.

Africa’s biggest supermarket hit by ransomware attacks

Ransomware attacks are costing US schools and colleges billions>These are the best firewalls right now

ICO did lay not that though ransomware payments are not necessarily unlawful in the purely technical sense “payers should be mindful of how relevant sanctions regimes (particularly those related to Russia) – and their associated public guidance - may change that position”.

With cyberattacks continuing to be a key front in the ongoingRussia-Ukraine conflictperhaps investing in better ransomware protection can help businesses avoid any nasty legal ramifications.

Will McCurdy has been writing about technology for over five years. He has a wide range of specialities including cybersecurity, fintech, cryptocurrencies, blockchain, cloud computing, payments, artificial intelligence, retail technology, and venture capital investment. He has previously written for AltFi, FStech, Retail Systems, and National Technology News and is an experienced podcast and webinar host, as well as an avid long-form feature writer.

A new form of macOS malware is being used by devious North Korean hackers

Scammers are using fake copyright infringement claims to hack businesses

This new malware utilizes a rare programming language to evade traditional detection methods