United Kingdom: Home Office closes consultation on proposal for protection of business from cybercrime

On 8 April 2025, the Home Office closes its public consultation on proposals for protection of businesses from cybercrime. The Home Office specified that ransomware is a critical threat, defining it as malicious software that infects a victim's computer system, preventing access to systems or data, impairing their use, or facilitating data theft. The consultation includes three proposals. The first proposal aims to prohibit ransomware payments by all public sector bodies and critical national infrastructure owners, reducing their appeal as targets for cybercriminals. The second proposal mandates that ransomware victims engage with authorities before making any payments, providing support and options to block payments to sanctioned entities. The third proposal suggests mandatory reporting of ransomware incidents to enhance threat understanding, update guidance, support organisational resilience, and gather intelligence for law enforcement.