U.S. cybersecurity agents have stopped more than 500 ransomware attacks since 2021.
That’s according to a report Friday (Oct. 4) by Bloomberg News, citing comments from Mike Prado, deputy assistant director of the Homeland Security Investigations’ (HSI) Cyber Crimes Center, who also noted that those efforts have seized billions of dollars in cryptocurrency.
The effort to stop these attacks, Prado said, involves notifying government agencies, businesses and other potential victims that they are the target of ransomware extortion.
Investigators study internet traffic seeking signs of malicious activity, monitor unpatched software vulnerabilities and try to glean how ransomware gangs are exploiting gaps in organizations’ security.
With that knowledge, Prado said, investigators can discover when some attacks are about to happen, before a breach occurs. Since 2021, HSI has prevented 537 ransomware acts, 150 of them between October 2023 and Sept. 30 of this year.
Of those disrupted hacks, U.S. government agencies were targets of roughly one-fifth, more than any part of the business world, followed by attempted breaches of healthcare organizations, the report said.
Prado declined to name the hacking groups it is monitoring, citing ongoing law enforcement efforts. One major obstacle includes building prosecutions against hackers whose intrusions are blocked before they occur.
“There are certainly groups that we have our eyes on,” Prado said. “There are gangs active outside the U.S. that are continuously probing ways to obtain cryptocurrency.”
A report earlier this year from Chainalysis found that the value of funds taken in hacking activities and ransomware attacks climbed during the first seven months of the year, thanks to the higher value of bitcoin and by ransomware attacks targeting larger organizations.
The cybersecurity organization found that stolen funds rose by around 84% during that time frame compared to 2023, increasing from $857 million to $1.58 billion.
In other cybersecurity news, PYMNTS recently examined the way artificial intelligence (AI) chatbots are being used by criminals to create sophisticated malware.
Researchers at HP Wolf Security have uncovered one of the first known instances where attackers employed generative AI to write malicious code for distributing a remote access Trojan, marking a shift in cybersecurity, democratizing the ability to create complex malware and potentially leading to a wave of new cybercrime.
“If your company is like many others, hackers have infiltrated a tool your software development teams are using to write code. Not a comfortable place to be,” Lou Steinberg, founder and managing partner at CTM Insights and former CTO of TD Ameritrade, told PYMNTS.
We’re always on the lookout for opportunities to partner with innovators and disruptors.
Learn More