By AJ Vicens
WASHINGTON (Reuters) -Ransomware was the most pervasive cyber threat to critical infrastructure in 2024 as complaints regarding such attacks jumped 9% over 2023, the FBI said on Wednesday.
Ransomware attacks on critical infrastructure accounted for almost half of all ransomware complaints received in 2024 by the agency’s Internet Crime Complaint Center (IC3), a top FBI cyber official said ahead of the release of the agency’s annual Internet Crime Report, which details scam and cyber-enabled fraud impacts across sectors and to various demographic groups.
Critical manufacturing, healthcare, government facilities, financial services and information technology were the top critical infrastructure sectors targeted, Cynthia Kaiser, deputy assistant director of the FBI’s Cyber Division, told reporters on a call.
Ransomware attacks – which lock a target’s files until an extortion payment is made – are just one of the types of cyberattacks targeting critical infrastructure, a term encompassing 16 sectors that include chemical plants, communications, energy, food production, transportation and water systems. Their “incapacitation or destruction would have a debilitating effect” on public health and security, according to the Cybersecurity and Infrastructure Security Agency (CISA).
The increase in ransomware complaints was concerning, the agency said, given several high-profile international law enforcement operations targeting ransomware operators and cybercrime forums last year.
In March, the FBI and the CISA published a joint advisory warning of the Medusa ransomware variant, which had been linked to attacks on more than 300 victims across a variety of critical infrastructure sectors between June 2021 and February 2025.
A record $16.6 billion in cyber and scam-related losses overall were reported in 2024 to the IC3, a 33% increase over 2023, according to the report.
The figure likely represents an underreporting of the total loss from cyber-enabled fraud and scams, Kaiser said, particularly among those 60 and older who make up the most impacted demographic group tracked by the agency with more than $4.8 billion in losses reported across more than 147,000 complaints in 2024.
Cryptocurrency fraud accounted for at least $9.3 billion in losses in 2024, according to the report. Spread across investment scams, extortion and sextortion, and cryptocurrency ATMs and kiosks, cryptocurrency-related fraud is up 66% over 2023, according to the report.
The FBI has notified more than 5,400 victims who have been targeted via cryptocurrency fraud between January 2024 and April 2025, most of whom did not know they were being targeted, Christopher Delzotto, section chief of the Financial Crime Section for the FBI, told reporters.
(Reporting by AJ Vicens; Editing by Lisa Shumaker)
Comments