Ransomware payment guidance

05 August 2024

News article

New guide for businesses facing ransomware attacks

A new guide has been published to help businesses deal with ransomware attacks. Developed by insurance industry bodies and the National Cyber Security Centre (NCSC), the guide aims to minimise the impact of these incidents and help reduce:

disruption and cost to businesses
the number of ransoms paid by UK ransomware victims
the size of ransoms where victims choose to pay

Ransomware is a major cyber threat in the UK. Attackers encrypt files and demand payment for decryption keys. They may also threaten to release stolen data unless a ransom is paid. However, paying doesn't guarantee that data won't be sold or used again.

The guide advises businesses to:

consider all options before paying a ransom
keep records of their decisions
consult experts
involve key staff
report incidents to UK authorities

It stresses that paying a ransom doesn't meet legal or regulatory requirements and may not lower penalties from bodies like the Information Commissioner's Office.

Read the guidance for organisations considering payment in ransomware incidents.

Being prepared for any incident is key and will help lessen the impact if a ransomware attack does happen. The NCSC offers comprehensive guidance, including how to develop an incident management capability and prevent ransomware in the first place.

First published 5 August 2024

Printer-friendly version

Actions

NCSC guide to ransomware

Also on this site

Protect your business from ransomware

Cyber Essentials scheme

Guides
- Find guides by sector
- Find guides by theme
  - Starting a business
    - Before you start your business
      - Considering starting a business
      - Start-up business ideas
    - Start your business
    - Running your start-up business
    - Grow your start-up business
      - Trade with other countries
      - Take steps to grow your business
  - Finance
    - Find local finance
      - Northern Ireland business support finder
    - Raising finance
    - Managing finance
    - Financial difficulty
      - Managing financial difficulty
  - Taxes
    - Business tax
    - Self-employed and tax
      - Setting up as self-employed and tax
      - Help and support for the self-employed
    - PAYE and payroll
      - PAYE and payroll for employers
    - Keeping records for business
      - Record-keeping
    - Excise duties
    - Industry-specific taxes
    - Complying with European law
    - Contact or deal with HM Revenue & Customs (HMRC)
    - Companies House returns, accounts and other responsibilities
    - Business changes
      - Making changes to your business
    - Selling, closing or restarting your business
    - Accountants and tax advisers
  - Employment and skills
    - HR documents and templates
    - Recruitment
    - Employment documents and policies
      - Staff documents and employment policies
    - Pay, pensions and minimum wage
    - Manage people
    - Holidays, statutory leave and time off
      - Holiday, other leave and sickness
      - Maternity, paternity, adoption and parental leave
    - Performance, training and development
    - Resolve conflict and staff leaving
      - Problems at work
      - Dismissals and staff leaving
  - Health and safety
    - Coronavirus (COVID-19): Staying safe at work
    - Health and safety basics
      - Protecting your business
    - Health and safety made simple
    - Make your business safer
      - Managing the welfare of people
      - Safer ways of working
  - Efficiency and environment
    - Environmental action to improve your business
    - Reduce, reuse, recycle your business waste
    - Resource efficiency
    - Reducing your environmental impact
    - Environmental guidance by business sector
  - Business premises and rates
    - Choosing the right business property
    - Rates for non-domestic properties
      - Business rates
    - Property management and costs
    - Adapting and improving your property
      - Make your property more efficient
      - Disabled access and facilities in business premises
  - Innovation and R&D
    - Product and service development
      - Developing products and services
      - Research and development
    - Design and business innovation
      - Use innovation in your business
      - Design for business success
    - Intellectual property
      - Intellectual property for business
      - Patents, trade marks, copyright and design
  - Sales and marketing
    - Business contracts and fair competition
    - Consumer rights and protection
    - Marketing your business
    - Product safety
    - Sales laws
    - Know your customers
    - Maximise your sales
  - IT
    - IT basics
      - Introduction to IT
      - Choosing suppliers
    - Software and technology solutions
      - Software and business applications
      - Communications
    - Getting online
      - Create and manage a website
      - E-commerce
    - Security and data protection
      - Data protection and legal issues
      - IT security and risks
  - Exporting and importing
    - Basics of importing and exporting
    - Choosing a market
      - Doing business in the EU
      - Trading with countries outside the EU
    - Procedures and licences
    - Sector overviews and regulations
    - Moving your goods
    - Customs declarations
      - National Clearance Hub
  - Grow your business
    - Prepare for growth
      - Assessing current performance
      - Planning business growth
    - Strategies for growth
    - Finance and logistics
      - How to grow your business
      - Financing growth
    - Managing growth
      - Leading staff through growth
      - Manage business risks
  - Buy or sell a business
    - Acquiring a business
    - Selling your business
    - Exiting and transferring your business
      - Businesses in difficulty
      - Transferring your business
Resources
News
Events