‘Millions’ in taxpayer money paid to cyber criminals in recent years – minister

14 January 2025, 14:34

Technology
Technology. Picture: PA

Dan Jarvis said the problem was ‘extensive’ and thousands could have been paid without the Government knowing.

Millions of pounds of taxpayers’ money has been handed to cyber criminals in recent years, Britain’s security minister said as he unveiled proposals to combat ransomware attacks.

Dan Jarvis also suggested hostile actors could have extorted thousands from organisations like the NHS without the Government knowing because there is no mandatory reporting regime.

The Home Office on Tuesday launched a consultation on how to crack down on ransomware, with plans under consideration to ban all public sector bodies from making any payments.

UK Parliament portraits
Security minister Dan Jarvis warned the problem was ‘extensive’ (Richard Townshend/UK Parliament/PA)

Proposals also include a mandatory reporting regime and payment prevention system, designed to increase the National Crime Agency’s awareness of live attacks and block payments to known criminal groups and sanctioned entities.

Speaking to broadcasters on Tuesday’s morning media round, Mr Jarvis said cyber criminals based in countries like Russia are “quite literally holding our country to ransom” and warned the problem was “extensive.”

Asked how much public bodies had paid out in recent years, Mr Jarvis said “significant” sums had been handed over, telling Times Radio: “Millions of pounds have been paid.

“It’s a huge problem internationally.”

On how much the NHS had given, Mr Jarvis said: “The truth of the matter is we don’t know the precise figures, because there isn’t a mandatory reporting regime.”

Asked whether that meant that a trust could have paid out thousands of pounds to criminals to get its computers back without the Government knowing about it, he said: “In theory, that is the case, and that’s why we’re looking to change the law to bring in a mandatory reporting regime so we’ve got much more visibility of these kind of activities.

“But fundamentally, this is about putting measures in place that will ensure that we are much less vulnerable to these attacks in the future.

“We are working internationally with our allies as well, but these cyber criminals are incredibly devious in the tactics that they use, but it is the wrong approach for public sector authorities to actually pay these ransoms, because… there’s absolutely no guarantee even if they were to pay the ransom, they get the information that they require.”

The Home Office said the introduction of its proposed scheme would help deter criminal gangs from attacking national infrastructure and public sector bodies such as the NHS, local councils and schools.

Recent targets have included a key supplier to London Hospitals and Royal Mail.

The Home Office believes mandatory reporting is needed to gain a full understanding of the scale of the problem.

Asked whether the NHS has previously paid ransomware attackers, Downing Street said it did not have details to share about “specific cases” but stressed that the Government had identified the “gap in our armoury” and moved to fill it.

“We already have a range of measures in place to protect the public sector, but clearly this was a gap in our armoury and that’s why we’ve introduced this targeted ban on ransomware payments for public sector bodies and critical national infrastructure,” the Prime Minister’s official spokesman said.

“The point is that we’ve identified this gap in the armoury… part of this will introduce a mandatory reporting regime which will bring ransomware out of the shadows and maximise the intelligence used by the UK’s law enforcement agencies and help guard against these threats in the future.”

The UK’s National Cyber Security Centre (NCSC) has previously highlighted ransomware as one of the biggest cyber threats facing the country.

NCSC chief executive Richard Horne said: “This consultation marks a vital step in our efforts to protect the UK from the crippling effects of ransomware attacks and the associated economic and societal costs.

“Organisations of all sizes need to build their defences against cyber attacks such as ransomware, and our website contains a wealth of advice tailored to different organisations.”

He added: “And organisations across the country need to strengthen their ability to continue operations in the face of the disruption caused by successful ransomware attacks.

“This isn’t just about having backups in place: organisations need to make sure they have tested plans to continue their operations in the extended absence of IT should an attack be successful, and have a tested plan to rebuild their systems from backups.”

By Press Association

More Technology News

See more More Technology News

The icons for the smartphone apps DeepSeek and ChatGPT are seen on a mobile

Nations and tech firms to jostle for AI leadership at Paris summit

Nick Lees

Man who credits King over cancer diagnosis given pioneering robotic microsurgery

Ellen Roome with her 14-year-old son Jools Sweeney

Parents suing TikTok over children’s deaths ‘want answers’

The Apple logo in the window of an Apple store

Home Office orders Apple to let it access users’ encrypted files – report

Ellen Roome with her son Jools Sweeney

Bereaved families file US lawsuit against TikTok over access to children’s data

The OpenAI logo appears on a mobile phone in front of a computer screen with random binary data

OpenAI taking claims of data breach ‘seriously’

There are concerns over how technology is aiding the abuse of women (Alamy/PA)

Deepfake abuse crackdown a ‘really important blow in battle against misogyny’

The Football Manager 25 logo on a light purple background

Football Manager 25 cancelled after delays

Football Manager 25 has been cancelled after being hit by delays

Football Manager 25 cancelled after several delays

Carsten Jung, head of AI at the IPPR, warned that politics 'needs to catch up' with the implications of AI (PA)

AI could replace 70% of tasks in computer-based jobs, study says

General view of IMI headquarters at Lakeside, Birmingham Business Park, Birmingham.

Engineering group IMI latest UK firm to be hit by cyber attack

A person's hands on the keyboard of a laptop

PSNI exploring use of AI to analyse mobile phone evidence

A screenshot of the homepage of AI chatbot DeepSeek, showing a warning message about new users being unable to register for the app

DeepSeek reopens new user sign-ups despite ongoing security concerns

A Google logo on the screen of a mobile phone, in Londons

Google axes diversity hiring targets as it reviews DEI programmes

A person’s hand pressing keys of a laptop keyboard

UK to get new cyber attack severity rating system

People working at computers

Capital raised by tech start-ups under Government scheme doubles