Spring Statement 2025: What it means for your business
Learn about the announcements made by the government in the 2025 Spring Statement and what businesses need to do now.
The International Counter-Ransomware members from 30 countries have issued a joint statement outlining their intent to take action to counter the growing threat posed by ransomware.
Ransomware is a form of malware that encrypts the important files on a computer and the user (often a business/organisation) is given a ransom demand, the payment of which should mean that the encrypted files can be released. In reality, some types of ransomware delete many important files anyway and paying the ransom does not guarantee that access to files will be returned to normal. Ransomware is primarily a profit-seeking crime which also commonly leverages money laundering networks to move ransomware proceeds.
A recent White House fact sheet stated that
“the global economic losses from ransomware are significant. Ransomware payments reached over $400 million globally in 2020, and topped $81 million in the first quarter of 2021, illustrating the financially driven nature of these activities.”
In March, The Palo Alto Networks, Unit 42 Ransomware Threat Report showed that the average ransom paid by a victim organisation in Europe, the US and Canada trebled from $115,123 (£83,211) in 2019 to $312,493 (£225,871) in 2020. The report showed that over the same period, the highest value ransom paid doubled from $5m (£3.6m) to $10m (£7.2m), and the highest extortion demand grew from $15m (£10.8m) to $30m (£22m).
At the meeting of the Ministers and Representatives from the Counter Ransomware Initiative (held on October 13 and 14), it was recognised that the threat of ransomware is complex and global in nature and requires a shared response and will depend, in part, on the capacity, cooperation, and resilience of global partners, the private sector, civil society, and the general public.
The joint statement outlines the following actions to be taken and efforts to be made to tackle the ransomware threat:
Ransomware poses a big risk to critical infrastructure, essential services, public safety, consumer protection and privacy, and economic prosperity, and a bigger effort to tackle the threat is long overdue. The promising aspect of the joint statement by the Ministers and Representatives from the Counter Ransomware Initiative is that they have recognised the need for collaboration and help between multiple governments, agencies and organisations and using multiple means to make a real impression on the problem.
Individual businesses can play their own part in protecting themselves through basic security measures. These include keeping antivirus software and Operating Systems up to date and patched (and re-starting the computer at least once per week), using a modern and secure browser, using detection and recovery software (e.g. Microsoft 365 protection and Windows Security), and storing files on cloud services e.g. OneDrive/Google Drive, IDrive, or whatever work-based cloud file storage systems employees are required to use, and having an effective, workable backup in place.
Since ransomware relies upon human error to spread, staff should be educated about how to spot and deal with potential ransomware risks e.g., suspicious emails. Organisations should also realise that prevention is better and cheaper than the cure; paying a ransom will not guarantee the return of vital files and system control, and many files are deleted anyway by the attackers.
Learn about the announcements made by the government in the 2025 Spring Statement and what businesses need to do now.
In today's digital age, securing your work systems is crucial, but it's equally important to protect your personal email accounts. One of the most effective ways to enhance your email security is by enabling two-factor authentication (2FA).
SIM swap fraud is becoming increasingly prevalent, allowing scammers to intercept calls and texts, including one-time security passcodes used for two-factor authentication.