Advancing UK Aerospace, Defence, Security & Space Solutions Worldwide
  • Home
  • /
  • Security
  • /
  • UK and Singapore secure agreement against ransomware payments 

Security

UK and Singapore secure agreement against ransomware payments 

In a world first, Counter Ransomware Initiative (CRI) members have signed a joint statement denouncing ransomware and payments being made to cyber criminals.

Image copyright Shutterstock

Led by the UK and Singapore, members of the CRI have affirmed that relevant funds from central government should not be used to pay a ransomware attacker – the first international statement of its kind.    

The statement was signed on the same day the UK hosted the first ever global summit on artificial intelligence at Bletchley Park. It sends a clear message that the global community strongly opposes ransomware payments and is committed to disrupting organised cybercrime. 

Advertisement
ODU RT

Security Minister Tom Tugendhat said: "Crime should not pay. That’s why the UK and her allies are demonstrating leadership on cybersecurity by pledging not to pay off criminals when they try and extort the taxpayer using ransomware.  

"This pledge is an important step forward in our efforts to disrupt highly organised and sophisticated cyber criminals and sets a new global norm that will help disrupt their business models and deter them from targeting our country.

Ransomware criminals typically access a computer through a malicious piece of software and then often encrypt or steal data. The victim is then told that the offenders will decrypt or return the data in exchange for a large fee, paid in cryptocurrency.   

The joint statement makes clear that paying a fee only serves to benefit these organised criminals and provides an incentive to continue offending. It does not guarantee the release of data or the removal of malware from an affected network.  

The CRI is the only dedicated multilateral body that the UK and international partners use to develop robust and effective policies and practices to enhance the global response to ransomware. 

A key ambition of the UK, and all international partners within the CRI, is to stem the flow of money to cyber criminals and build collective resilience through international cooperation and engagement. 

Felicity Oswald, Chief Operating Officer, National  Cyber Security Centre (NCSC) said: "Ransomware poses a significant threat to organisations in the UK and around the world and so international collaboration is essential for bearing down on cyber-criminal operations.  

"The joint statement demonstrates that the UK and a likeminded community of countries do not support payment of online criminals as we know this only makes the threat landscape worse for everyone.

"Many ransomware incidents can be prevented by ensuring that appropriate security measures are in place. We strongly encourage organisations to follow NCSC advice to effectively mitigate the risks and help protect themselves online."

It has been a long-standing policy that the UK government will never meet the demands of ransomware actors, and no fee has ever been paid by central government, but this is the first time the position has been publicly confirmed. 

Further to this, the National Crime Agency’s Strategic Risk Assessment 2023 states that the biggest threat comes from Russian-speaking crime groups who are tolerated by - and sometimes linked to - the Russian state.   

The UK’s cyber resilience, however, is among the strongest in the world and the government has taken steps to enhance the nation’s defences. This includes the NCSC’s online ransomware hub, which is accessible through their website and provides expert information and practical advice for organisations.  

Advertisement
ODU RT

The UK additionally has the capability to work with international partners to target and disrupt cyber criminals.  

This includes two comprehensive sanctions packages which were issued in unison with the United States. The sanctions targeted 18 Russian-speaking cyber criminals who were responsible for extorting at least £150 million ($180 million) from victims globally. In the UK there were 149 victims who collectively lost £27 million.   

The National Crime Agency (NCA) has additionally been involved in several high-profile operations which have led to the shutdown of prolific organised crime groups. This includes HIVE, which provided ransomware software to cybercriminals and extorted more than $100 million.

The statement was agreed by all countries present at the Summit. The statement - and the list of signatories - can be viewed on gov.uk .

The CRI was created in 2021 and is chaired by the United States. Membership is voluntary. 
 

 

 

 

Advertisement
L3Harris LB May IR L3Harris LB May IR
Adarga acquires J2X Solutions

Defence Security

Adarga acquires J2X Solutions

13 June 2024

London headquartered AI software specialist Adarga, today announced the acquisition of US strategic risk intelligence firm, J2X Solutions.

G3 Systems refurbs British Army’s TCDA

Defence Security

G3 Systems refurbs British Army’s TCDA

13 June 2024

G3 Systems has announced a rolling refurbishment programme, contracted by the UK MoD’s Defence Equipment and Support (DE&S) agency, to extend the working life of their operationally proven and highly acclaimed Tactical Containerised Dog Accommodation (TCDA) for use by 1st Military Working Dogs (MWD) Regiment, based at St Georges Barracks, North ...

Airports criticise Government over liquids restrictions announcement

Aerospace Security

Airports criticise Government over liquids restrictions announcement

13 June 2024

Over the weekend, the UK's Department for Transport (DfT) announced that from 00:01 on Sunday 9th June 2024, 100ml restrictions on liquids will temporarily be reintroduced at UK airports.

Base Materials boosts subsea buoyancy options

Defence Security

Base Materials boosts subsea buoyancy options

12 June 2024

Leicester headquartered Base Materials has launched a new buoyancy repair and refurbishment service providing remotely operated vehicle (ROV) owners and operators with a more sustainable alternative to purchasing new buoyancy modules.

Advertisement
ODU RT 2
Kromek presenting D5 RIID at Eurosatory 2024

Defence Security Events

Kromek presenting D5 RIID at Eurosatory 2024

12 June 2024

Sedgefield based radiation and biological detection company Kromek, will focus on the latest evolution of its D5 RIID at Eurosatory next week (17th-21st June), which can now be mounted onto any unattended UGV platform.

Hughes Europe expands into defence and government sectors

Defence Security Space

Hughes Europe expands into defence and government sectors

12 June 2024

Hughes Europe has announced its strategic expansion into the military, defence and government sectors across pan-European nations, with launch of Konnect VHTS Services in collaboration with Telespazio.

Advertisement
Marshall RT 2