On 1 September, an article from Out-Law says that businesses that pay ransoms to cyber attackers to regain access to systems and data they have been locked out from are unlikely to face prosecution in the UK for doing so – but that businesses that fall victim to so-called ransomware attacks should carry out due diligence before deciding whether to pay the ransom requested.  It is noted that it is illegal to pay a ransom to a terrorist organisation and mentioned the possibility of the UK government taking legislative action to ban ransom payments to “other groups”.  As is the case with kidnap ransom insurance, anti-terrorism and sanctions legislation makes it illegal to make payments to terrorists and terrorist organisations or for the purposes of terrorism, either directly or indirectly.

Author: raytodd2017

Chartered Legal Executive and former senior manager with Isle of Man Customs and Excise, where I was (amongst other things) Sanctions Officer (for UN/EU sanctions), Export Licensing Officer and Manager of the Legal-Library & Collectorate Support Section

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s