Ransomware payment guidance
New guide for businesses facing ransomware attacks
A new guide has been published to help businesses deal with ransomware attacks. Developed by insurance industry bodies and the National Cyber Security Centre (NCSC), the guide aims to minimise the impact of these incidents and help reduce:
- disruption and cost to businesses
- the number of ransoms paid by UK ransomware victims
- the size of ransoms where victims choose to pay
Ransomware is a major cyber threat in the UK. Attackers encrypt files and demand payment for decryption keys. They may also threaten to release stolen data unless a ransom is paid. However, paying doesn't guarantee that data won't be sold or used again.
The guide advises businesses to:
- consider all options before paying a ransom
- keep records of their decisions
- consult experts
- involve key staff
- report incidents to UK authorities
It stresses that paying a ransom doesn't meet legal or regulatory requirements and may not lower penalties from bodies like the Information Commissioner's Office.
Read the guidance for organisations considering payment in ransomware incidents.
Being prepared for any incident is key and will help lessen the impact if a ransomware attack does happen. The NCSC offers comprehensive guidance, including how to develop an incident management capability and prevent ransomware in the first place.
First published 5 August 2024