The UK and Singapore have launched guidance about ransomware.
The document is issued by the international Counter Ransomware Initiative. It urges businesses to follow four steps—’understand, identify, develop, and review’ – to ‘significantly reduce the likelihood and impact of ransomware incidents’, against them and in their supply chain. It gives the June 2024 example of a ransomware attack on Synnovis; a pathology supplier to several major NHS Trusts in the UK, ‘which led to substantial disruption across several hospitals’. Home Office Security Minister Dan Jarvis said: “Ransomware and cyber-attacks pose an immediate and urgent threat to our nation’s security and economy. We are taking decisive action to counter this threat, but global coordination is essential. Cybersecurity must be a top priority for all businesses. It’s vital that the counter ransomware guidance is followed and strong measures are taken to defend against these destructive attacks.”
UN Convention
Meanwhile the United Nations Secretary-General António Guterres attended the signing ceremony of the UN Convention against Cybercrime, in Hanoi, the capital of Vietnam. He described the convention as ‘a powerful, legally binding instrument to strengthen our collective defences against cybercrime’. Among countries that have signed are the UK, Australia and Canada, France, Germany and Spain; among those that have not are Russia, the United States and China.
Comment
Aben Pagar, Director at Konexo, says: “The UK’s ransomware payment ban for public sector bodies is arguably a necessary step in disrupting the financial incentives that fuel cybercrime. But it also marks a turning point for operational readiness. Organisations will no longer be able to pay to restore systems quickly, which means prevention and recovery capabilities must be watertight. Suppliers remain a key vulnerability, and the new guidance rightly focuses on them. As attackers evolve using AI and deepfakes, robust backups, tested incident response plans, and supplier resilience are now essential, not optional.”
