Restrictions on ransomware payments have become common for government agencies around the world, but it is still fairly rare to see them extended to the public sector or local levels of government. The new UK rules would additionally require all business types that are not impacted to notify the government.
A new proposal from the Home Office would prevent the NHS as well as schools and local councils from making ransomware payments, and certain limitations would also be put on private companies along with the public sector.
The CRI guidance does not really focus on whether or not to make ransomware payments, instead stressing that victims should make early contact with law enforcement (regardless of their ultimate decision) and that they have many options to explore.
Numerous recent sources have been indicating a resurgence for ransomware in 2023, and perhaps the best evidence yet comes from a new Chainalysis report: for the first time ever, global ransomware payments topped over $1 billion in cryptocurrency.
The International Counter Ransomware Initiative conference has produced a pledge by 40 countries to refuse ransomware payments going forward, including the United States and EU members. The pledge appears to only apply to government entities.
By mid-2023, crypto scams plummeted the most for any crypto-related crimes, while ransomware payments approach record levels from "big game hunting" and spray and pray attacks.
2020 and 2021 were record years for ransomware payments at about $765 million. The take collected by ransomware operators is now down 40% to $457 million in 2022.
There are two pieces of legislation already in front of Congress that would set reporting requirements for ransomware payments, each proposing different time windows for different industries and company sizes. A third now seeks a 48-hour limit.
New cyber incident reporting bill that has been introduced to the Senate would create new ransomware payment reporting requirements if passed, including a strict 24-hour limit for any business with more than 50 employees.
The U.S. Treasury Department has handed down the first sanctions to a crypto exchange, hitting Russia-based SUEX.io for facilitating ransomware payments.










