Key Points
- The Department of Homeland Security’s Cyber Crimes Center has disrupted 537 ransomware attacks since its formation in 2021, with US government agencies being the top targets.
- Investigators have traced and seized $4.3 billion worth of cryptocurrency related to extortion payments, demonstrating the scale of the cybersecurity threat.
DHS Takes Proactive Approach to Cybersecurity
The United States Department of Homeland Security (DHS) has made significant strides in combating ransomware attacks, as reported by Bloomberg. According to the report, the Homeland Security Investigations (HSI) Cyber Crimes Center, established in 2021, has successfully thwarted over 500 ransomware cyberattacks before they could occur.
Mike Prado, the deputy assistant director of the HSI Cyber Crimes Center, revealed to Bloomberg that US government agencies were the primary targets, accounting for 21% of the disrupted hacks. This figure surpasses the percentage of attacks aimed at any single business sector, highlighting the critical nature of government cybersecurity.
Billions in Cryptocurrency Seized
In addition to preventing attacks, the HSI has been active in tracing and seizing cryptocurrency related to extortion payments. Since its inception, the division has recovered an impressive $4.3 billion worth of crypto from exchanges and hackers’ devices. This substantial sum underscores the financial impact of ransomware attacks and the importance of the HSI’s efforts in mitigating these threats.
Proactive Strategies and Challenges
The HSI’s approach to combating ransomware attacks is proactive and multifaceted. Prado explained that agents continuously monitor internet traffic, look for signs of malicious activity, and stay alert to software vulnerabilities that could be exploited by ransomware gangs. This strategy aims to identify and prevent attacks before they occur, potentially saving organizations from significant financial and operational damage.
However, this proactive approach is not without its challenges. Prado noted that building cases against hackers whose attacks are successfully blocked can be difficult, as there may be less evidence of criminal activity.
Despite these challenges, the HSI remains vigilant, with Prado stating that there are several “groups that we have our eyes on.” He emphasized that many of these gangs operate from outside the US and are “continuously probing ways to obtain cryptocurrency.”
In the event of a successful breach, the HSI’s response is swift and coordinated. The agency notifies potential victims, including government agencies and companies, of imminent extortion attempts. This effort involves coordination across 235 field offices in the US, local police departments, and other federal agencies, demonstrating the comprehensive nature of the HSI’s cybersecurity efforts.
As ransomware attacks continue to evolve and pose significant threats to organizations worldwide, the work of agencies like the HSI Cyber Crimes Center remains crucial in safeguarding digital assets and preventing large-scale cybercrime.
