The Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3) has revealed unprecedented financial damages from cyber threats in 2024.
According to the FBI’s annual report, victims reported a staggering $16.6 billion (approximately ₹1.38 lakh crore) in losses, marking a 33% increase from 2023 figures.
With 859,532 complaints filed throughout the year, this alarming trend highlights the evolving sophistication of cyber criminals and their expanding attack surface.
.png
)
The dramatic rise in financial losses comes despite significant actions taken by the FBI to combat malicious actors.
.webp)
As detailed in the report, investment fraud dominated the landscape with $6.57 billion in losses, followed by Business Email Compromise schemes accounting for $2.77 billion.
Tech support fraud, which particularly targeted older Americans, resulted in approximately $1.46 billion in damages, demonstrating how threat actors continue to exploit vulnerable populations.
IC3 analysts identified ransomware as one of the most pervasive threats to critical infrastructure, with complaints rising 9% from 2023 levels.
Particularly concerning was the prominence of LockBit, ranking as the second most reported ransomware variant in 2024. The malicious software employs sophisticated encryption algorithms to lock victims’ systems and demands cryptocurrency payments for decryption keys.
The LockBit ransomware typically infiltrates networks through phishing emails containing malicious attachments or by exploiting unpatched vulnerabilities in internet-facing systems.
Once executed, the malware conducts reconnaissance, establishes persistence, and moves laterally through networks before deploying its encryption payload.
A typical infection sequence involves the following operations:-
LockBit.exe -m 5 -net 1 -p *.* -r -id [victim_identifier]This command instructs the ransomware to operate in mode 5 (stealth mode), target network drives, encrypt all file types, recursively traverse directories, and tag encrypted files with a unique victim identifier.
LockBit’s persistence techniques merit particular attention due to their effectiveness in evading detection.
The malware creates registry keys within the Windows startup locations and implements watchdog processes that monitor for attempts to terminate its operation.
Additionally, it deploys countermeasures against forensic analysis by clearing event logs and deleting shadow copies, making recovery without decryption keys extremely difficult.
Ransomware Complaints by Industry Sector shows critical infrastructure organizations suffered disproportionately from ransomware attacks, with healthcare, financial services, and government entities experiencing the highest number of incidents.
The FBI’s report emphasizes the importance of reporting cyber incidents promptly through the IC3 portal, noting that their Recovery Asset Team achieved a 66% success rate in freezing fraudulent transactions, recovering over $561 million in 2024.
As cybercriminals continue to evolve their tactics, maintaining vigilant security practices remains essential for organizations and individuals alike.
Malware Trends Report Based on 15000 SOC Teams Incidents, Q1 2025 out!-> Get Your Free Copy
