On 15 February 2024, the Office of Financial Sanctions Implementation (OFSI) published guidance on ransomware and financial sanctions, covering cyber sanctions legislation, sectoral sanctions risk and licensing.

The guidance is intended to assist with the UK Government’s aim of disrupting ransomware and reducing its profitability by using financial sanctions against the ransomware threat actors that cause the most harm to the UK.

Under the guidance, ransomware is defined as “a type of malicious software (‘malware’) that prevents victims from accessing their computer or the data that is stored on it until a ransom fee is paid”. OFSI warns that ransomware is a significant threat to the UK and that making ransomware payments to the criminal groups behind these attacks perpetuates the threat and does not guarantee victims will regain access to their data.

OFSI also highlights guidance from the National Cyber Security Centre on cyber resilience measures that can significantly reduce the risks and impact of a successful ransomware attack. It notes that the Government has taken and will take strong action against ransomware threat actors, including the use of financial sanctions, which prohibit making funds or economic resources available to an individual or entity subject to an asset freeze. OFSI assesses all breaches of financial sanctions on a case-by-case basis and, when determining the facts and how seriously it views a case, will take into account several aggravating or mitigating factors.

Anyone who has been subject to a ransomware attack is advised in the guidance to use the Government’s ‘Where to report a cyber incident’ portal as soon as possible.