Since 2021, the U.S. Department of Homeland Security (DHS) has stopped more than 500 ransomware attacks, stopping hackers from demanding billions of dollars in cryptocurrency. The branch of Homeland Security Investigations (HSI), which is in charge of fighting cybercrime, has taken back cryptocurrency worth about $4.3 billion that hackers stole.
Mike Prado, deputy assistant director at HSI’s Cyber Crimes Center, says that 21% of all ransomware attacks that were stopped were aimed at U.S. government bodies, which is more than any other sector. Prado said that HSI can find and stop attacks before they happen because they are proactive. They do this by watching internet data and looking for software flaws that hackers could use.
Investigators at HSI are always on high watch, keeping up with new trends and changing ways that cybercriminals do their work. They can often tell when a ransomware attack is about to happen by looking at how people use the internet and keeping an eye on anything that seems fishy. Prado said that law enforcement is still keeping an eye on a few crime groups that work outside of the U.S. as they keep looking for new ways to steal cryptocurrency.
But stopping strikes comes with its own set of problems. If the attacks are stopped before they finish, it may be harder to bring formal charges against the hackers. To stop a threat from happening right away, HSI quickly tells companies, government agencies, and other possible victims. Agents from hundreds of field offices, local police, and government partners all work together to coordinate their efforts.
Ransomware attacks are becoming more regular, and payouts related to ransomware have been going up over the past few years. A study from August 2024 showed that ransomware payouts went up by 2% compared to 2023, reaching almost $460 million by the middle of the year. The average blackmail payment has also gone up, as hackers demand bigger and bigger amounts from their victims. It went from less than $200,000 to a mind-boggling $1.5 million by June 2024 of that year.
In July 2024, the hacking group Dark Angels demanded $775 million from a target as the biggest ransom ever. This shows how dangerous the ransomware fight is.
The work that HSI does is part of a bigger, ongoing attempt to fight cybercrime, especially when it comes to bitcoin. Cybercriminals are always improving their methods, even though they have had some success. Being alert is the best way to keep ransomware risks at bay. Attacks are becoming more common, and ransom payments are getting bigger. This means that people and companies need to improve their protection right away.
