The United States Department of Homeland Security (DHS) has reported significant success in combating ransomware cyberattacks, claiming to have disrupted hundreds of attacks, often before they occurred, and seized billions in extorted cryptocurrency since 2021.
According to Mike Prado, the deputy assistant director of the Homeland Security Investigations (HSI) Cyber Crimes Center, US agencies were the top targets of these cyberattacks, accounting for 21% of the disrupted hacks, a higher percentage than any other business sector. Prado shared these insights in an October 4 report from Bloomberg.
The HSI Cyber Crimes Center has successfully disrupted a total of 537 ransomware attacks since its formation in 2021. Additionally, investigators have traced and seized approximately $4.3 billion worth of cryptocurrency from hackers’ devices and exchanges, which had been obtained through extortion payments.
Proactive Cybercrime Prevention
Prado emphasized that HSI is adopting a proactive strategy to thwart ransomware attacks by maintaining a constant awareness of cybercrime trends and the evolving tactics employed by criminals.
HSI agents engage in several critical activities, including:
- Analyzing internet traffic to identify signs of malicious activity.
- Monitoring software vulnerabilities that ransomware gangs may exploit.
- Developing intelligence to anticipate when attacks are imminent, often before a breach occurs.
The goal of these actions is to prevent ransomware incidents before they materialize.
Prado indicated that there are several groups under scrutiny, with gangs operating outside the US continuously seeking ways to acquire cryptocurrency.
Challenges in Building Cases Against Hackers
Despite the success in thwarting attacks, Prado noted that this proactive approach can complicate efforts to build legal cases against hackers. When an attack is imminent, HSI takes immediate action by notifying government agencies, businesses, and other potential victims. This coordination involves agents across 235 field offices in the US, local police departments, and other federal entities.
Ransomware attacks have been increasingly prevalent. According to the August 15 Crypto Crime Mid-year Update from Chainalysis, ransomware inflows have risen by 2% in 2024, increasing from $449.1 million to $459.8 million. In 2023, the total crypto payments linked to ransomware attacks reached $1 billion.
The average size of ransom payments has also skyrocketed, experiencing a 96% increase from 2023 and a 335% surge from 2022.
Escalating Payment Demands
Chainalysis reported a notable rise in the median ransom payments, which soared from under $200,000 in early 2023 to $1.5 million by June 2024. This increase suggests that scammers are successfully demanding larger sums from their victims.
In a remarkable development, Chainalysis recorded the most significant single ransomware payment ever in July. The group known as Dark Angels received a staggering $75 million payment from a victim, underscoring the ongoing challenges in combatting these cyber threats.
The DHS and HSI’s efforts to thwart ransomware attacks illustrate a determined stance against the rising tide of cybercrime, particularly in the realm of cryptocurrency extortion. While significant progress has been made in disrupting these attacks and reclaiming stolen assets, the landscape continues to evolve, and vigilance remains paramount.
As cybercriminals adapt their tactics, the collaboration among law enforcement agencies, as well as the implementation of proactive measures, will be critical in safeguarding against future ransomware threats. The alarming rise in ransomware payments also highlights the urgent need for businesses and individuals to enhance their cybersecurity protocols to mitigate the risk of falling victim to such attacks.
| Key Details of DHS Efforts Against Ransomware | Information |
|---|---|
| Total Ransomware Attacks Disrupted | 537 |
| Amount Seized in Cryptocurrency | $4.3 billion |
| Percentage of Attacks Targeting US Agencies | 21% |
| Increase in Ransomware Inflows in 2024 | 2% (from $449.1 million to $459.8 million) |
| Total Crypto Ransomware Payments in 2023 | $1 billion |
| Increase in Median Ransom Payments | From under $200,000 to $1.5 million |
| Largest Single Ransom Payment Recorded | $75 million (Dark Angels group) |
Featured image credit: rawpixel via Freepik
Follow us for more breaking news on DMR