The government is set to consult on proposals to protect businesses and the public sector from cybercrime.
Cybercrime is estimated to cost the UK economy billions of pounds every year.
The proposals out for consultation include banning all public sector bodies and critical national infrastructure, including the NHS, local councils, and schools, from making ransomware payments.
Security minister Dan Jarvis said: "Driving down cybercrime is central to this government’s missions to reduce crime, deliver growth, and keep the British people safe.
"With an estimated $1 billion flowing to ransomware criminals globally in 2023, it is vital we act to protect national security as a key foundation upon which this government’s Plan for Change is built.
"These proposals help us meet the scale of the ransomware threat, hitting these criminal networks in their wallets and cutting off the key financial pipeline they rely upon to operate.
"Today marks the beginning of a vital step forward to protect the UK economy and keep businesses and jobs safe."
Between September 2023 and August 2024, the NCSC managed 430 cyber incidents, including 13 ransomware incidents which were deemed to be nationally significant and posed serious harm to essential services or the wider economy.
The new measures are part of a wider push across government to improve the UK’s defences against cyber threats and protect the UK’s critical infrastructure and essential services.
National Cyber Security Centre CEO Richard Horne said: "This consultation marks a vital step in our efforts to protect the UK from the crippling effects of ransomware attacks and the associated economic and societal costs.
"Organisations of all sizes need to build their defences against cyber attacks such as ransomware, and our website contains a wealth of advice tailored to different organisations. In addition, using proven frameworks like Cyber Essentials, and free services like NCSC’s Early Warning, will help to strengthen their overall security posture.
"And organisations across the country need to strengthen their ability to continue operations in the face of the disruption caused by successful ransomware attacks. This isn’t just about having backups in place: organisations need to make sure they have tested plans to continue their operations in the extended absence of IT should an attack be successful, and have a tested plan to rebuild their systems from backups."
