La sécurité intérieure stoppe les attaques par ransomware, saisit des milliards en crypto-monnaie

The Rise of Ransomware Attacks: A Response from the Department of Homeland Security

The Department of Homeland Security (DHS) has become a pivotal player in combating ransomware attacks, successfully foiling hundreds of cyber threats since 2021. According to a report by Cointelegraph, investigators from the DHS have disrupted 537 ransomware incidents and seized approximately $4.3 billion in extorted cryptocurrency.

Targeting Government Agencies

U.S. government agencies represent a significant target for cybercriminals, accounting for 21% of disrupted hacks—outpacing any business sector. Mike Prado, the Deputy Assistant Director of Homeland Security Investigations (HSI) Cyber Crimes Center, provided insights into these developments in his Oct. 4 report, highlighting the specific vulnerabilities and methods used by hackers.

Understanding Ransomware

Ransomware attacks typically involve malicious actors compromising and encrypting data, subsequently demanding payment for the decryption key. The DHS is adapting a proactive approach by closely monitoring cybercrimes and analyzing the evolving tactics used by cybercriminals to ensure a swift response before an attack can occur.

Proactive Measures by HSI

HSI agents engage in thorough internet traffic analysis, detecting signs of malicious activity and scrutinizing software vulnerabilities that ransomware gangs might exploit. This constant surveillance aims to thwart potential attacks before they escalate.

Challenges Faced in Cybercrime Prevention

However, Prado noted the complexity of tracking attackers, especially those based outside of the United States. Often, building a case against hackers whose attacks have been blocked can be quite challenging. When a potential ransomware incident is detected, HSI swiftly informs government agencies, businesses, and other possible victims, while coordinating with local law enforcement and other federal entities.

Ransomware Payment Trends in 2024

In a recent Chainalysis report, ransomware inflows have shown a slight increase of 2% in 2024, rising from $449.1 million to $459.8 million. Despite the DHS's efforts to disrupt these attacks, ransomware payments reached $1 billion by the end of 2023.

Surging Payment Amounts

The average ransom payment saw a staggering rise—up 96% year on year from 2023, and a colossal 335% increase from 2022. Median ransom payments climbed dramatically from under $200,000 in early 2023 to around $1.5 million by mid-2024.

A Record Payment

July 2024 witnessed the largest single ransomware payment recorded, with the group known as Dark Angels receiving a remarkable $75 million from a victim, signaling the growing trend of larger ransom demands.

Conclusion: Ongoing Efforts Against Cybercrime

The landscape of ransomware continues to evolve, with criminals increasingly targeting high-value assets. As cyber threats proliferate, the Department of Homeland Security's concerted efforts to safeguard sensitive information and thwart cybercrime demonstrate the critical need for ongoing vigilance and innovation in cybersecurity. Stakeholders across sectors must remain alert and informed about the risks associated with ransomware, and work collaboratively to fortify defenses.

Internal Links:
- Understanding Cybersecurity Threats
- Best Practices for Protecting Your Digital Assets

External Links:
- Ransomware.org
- CISA