As the main source of ransomware attacks is offshore, they
are unlikely to be stemmed by the threat of prosecution for making a ransom
demand. Offshore prosecution for such threats would be difficult to achieve in
the jurisdictions that most cyberattacks come from.
If the making of payments is banned, then company directors
and other individuals are less likely to pay a ransom. If they do pay a ransom,
then they become liable to prosecution.
By stemming the potential financial reward from ransomware
attacks the perpetrators are likely to look elsewhere for easier targets.