British Library did the right thing by not paying cybercriminals | Letter

Every ransom paid gives criminals the message that cyber-attacks work and that it's worth doing again, says Felicity Oswald of the National Cyber Security Centre

The British Library should be applauded for its refusal to pay the cybercriminals who targeted it last year (Ransomware groups warned there is no money in attacking British state, 12 March). At the National Cyber Security Centre, which is part of GCHQ, we have long shared the view of our law enforcement partners that paying ransoms should not be condoned, encouraged or endorsed. Doing so does not guarantee a return of access to data or computers, and in fact makes it more likely that the victim will be targeted in future.

Every ransom that is paid gives criminals the message that attacks work and that it's worth doing again. We are committed to working with our partners - including internationally through the Counter Ransomware Initiative - to make the UK the hardestpossible target for ransomware attacks. But we cannot do this in isolation. By responding to its attack in the transparent way that it has, the library has set a great example. Weencourage all organisations toread its instructive review.
Felicity Oswald
Interim CEO, National Cyber SecurityCentre