Home Office publishes response to ransomware consultation on new legislative proposals to tackle cybercrime
The Home Office has published its response to the public consultation on legislative proposals to address ransomware. The consultation ran from 14 January to 8 April 2025 and sought views on three measures: a targeted ban on ransomware payments for public sector and regulated critical national infrastructure (CNI); a ransomware payment prevention regime; and a mandatory incident reporting regime. A total of 273 responses were received and 36 engagement events were held. The response confirms ransomware is considered the most serious organised cybercrime threat to UK national security. Feedback was broadly supportive and highlighted several cross-cutting themes, including the need for clarity on scope and definitions, proportionate penalties that avoid revictimising victims, tailored guidance and support, and improved cyber resilience. The government intends to continue to develop the proposals in collaboration with stakeholders, explore appropriate enforcement mechanisms and publish guidance to support implementation.