Originally published on: October 07, 2024
A recent report from the Department of Homeland Security reveals that over the past three years, they have successfully prevented more than 500 ransomware cyberattacks and seized billions of dollars in extorted cryptocurrency since 2021.
Surprisingly, government agencies in the United States were the primary targets, with 21% of the disrupted hacks directed towards them, surpassing all other business sectors. Mike Prado, the deputy assistant director of Homeland Security Investigations (HIS) Cyber Crimes Center, shared this information in a recent interview with Bloomberg.
Since its inception in 2021, the department has thwarted a total of 537 ransomware attacks and managed to trace and confiscate $4.3 billion worth of cryptocurrency from both exchanges and the hackers’ devices, which was obtained through these extortion payments.
Ransomware attacks typically involve cybercriminals infiltrating and encrypting a victim’s data, demanding payment in exchange for the decryption key. In an effort to combat these threats, HIS has adopted a proactive strategy to anticipate and prevent such attacks by constantly monitoring cybercrime activity and the evolving tactics employed by criminals.
Agents closely examine internet traffic, search for any indicators of malicious behavior, and monitor potential software vulnerabilities commonly exploited by ransomware groups to breach an organization’s security. The primary objective is to identify and neutralize impending attacks, often intervening before any harm is done.
While this preemptive approach has proven successful in deterring many criminals, Prado acknowledges that building a case against hackers whose attacks are disrupted by HIS can be challenging. In the event of an actual attack, the department promptly alerts government agencies, companies, and potential victims about the imminent extortion attempt. They also collaborate with agents from 235 field offices across the US, local law enforcement agencies, and other federal bodies.
According to Chainalysis, a blockchain analysis firm, ransomware inflows have risen by 2% in 2024, approaching almost half a billion dollars. The report also highlights a significant growth in maximum ransom payments, marking a 96% annual increase from 2023 and a 335% surge from 2022. Median ransom payments have climbed from under $200,000 in early 2023 to a staggering $1.5 million as of June 2024.
The data further reveals that the largest ransomware payment on record was made to the Dark Angels group, totaling $75 million. This emphasizes the increasing trend of cybercriminals demanding substantial sums from their victims.
With these alarming statistics, it is evident that cyber threats continue to pose a significant risk to organizations and individuals alike. The relentless efforts of agencies like HIS are crucial in combating these malicious activities and safeguarding the digital ecosystem from exploitation.