Cybercrime is on the rise, and San Francisco is feeling the heat. According to a new warning from the FBI’s San Francisco field office, the volume and sophistication of cyberattacks targeting businesses, institutions, and individuals have grown alarmingly. In particular, ransomware threats disrupt critical services and expose vulnerabilities in small companies and federal agencies.
The FBI urges stronger collaboration, faster reporting, and tighter cybersecurity measures to combat these escalating threats.
Ransomware Threats Are Skyrocketing
One of the most concerning developments highlighted by the FBI is the rapid increase in ransomware attacks. These malicious attacks, in which hackers encrypt a victim’s data and demand payment to decrypt it, are becoming more frequent and damaging.
FBI Special Agent in Charge Sanjay Virmani, who leads the cybercrime unit in San Francisco, confirmed that ransomware incidents are growing in number, scale, and complexity. “They’re not just stealing data anymore,” said Virmani. “They’re positioning themselves for future disruptive attacks.”
The statistics speak volumes: In 2024, the FBI’s Internet Crime Complaint Center (IC3) received more than 86,000 extortion complaints — a staggering 79% increase from the previous year. These complaints span a wide range of cyber extortion schemes, including ransomware, sextortion, blackmail, and threats to release private information.
The Rise of Sophisticated Threat Actors
Another significant concern for the FBI is the involvement of state-sponsored hackers, particularly from China. According to Agent Virmani, Chinese cybercriminals have been increasingly active in infiltrating government networks, stealing intellectual property, and engaging in cyber espionage.
“The threats from them have grown significantly,” Virmani warned, emphasizing that these activities are part of a broader geopolitical strategy to undermine U.S. interests.
As state-sponsored actors continue to increase their activities, it is clear that cybercrime has become a strategic tool in global power dynamics, making it more urgent than ever for businesses to shore up their defenses.
The Soaring Costs of Cybercrime
The financial impact of cybercrime continues to rise. The FBI’s 2024 report shows that cyber-enabled crimes cost victims more than $16.6 billion in damages. These crimes include business email compromise scams, identity theft, ransomware, and online investment fraud.
Despite these staggering losses, the FBI notes that only a fraction of cybercrimes are reported. In a recent case involving a ransomware attack, the FBI found that only about 20% of the victims had notified law enforcement. This concerning pattern hampers the bureau’s ability to track and mitigate threats effectively.
Timely reporting is critical. According to Agent Virmani, the FBI has been able to recover stolen funds and stop ongoing attacks — but only when victims report incidents promptly. The FBI strongly encourages all victims of cybercrime to report incidents through the centralized platform, www.IC3.gov, to aid in the response and prevent future attacks.
Why Businesses Must Stay Alert
At the recent RSA Conference in San Francisco, the FBI emphasized the importance of public-private partnerships in cybersecurity. Department of Homeland Security Secretary Kristi Noem remarked, “Instead of just talking about cybersecurity, we’re going to do it. We’re giving businesses a real seat at the table.”
Cybersecurity experts agree that no business, regardless of size, is immune to attack. From small mom-and-pop shops to multinational corporations, every organization faces the risk of a cyberattack. Former National Cyber Director Chris Inglis cautioned that although defenses have improved, cybercriminals adapt even faster. “The offense is moving at lightning speed,” Inglis noted. “It’s still a cat-and-mouse game.”
The key takeaway: businesses must take proactive steps to protect themselves and assume they are always at risk.
A Recent Win: LockBit Takedown
While the landscape may seem bleak, the FBI has achieved notable successes in combating cybercrime. One such success was disrupting the LockBit ransomware group in 2024. This group was among the most active and dangerous in the cybercriminal ecosystem.
“We got charges on key actors. We disrupted their infrastructure,” said Agent Virmani. “It was a win — but it won’t be the last battle.”
These wins show that early reporting and international cooperation between law enforcement agencies can significantly disrupt cybercrime operations and prevent further harm.
What Can You Do to Stay Safe?
Whether you’re a business owner, an employee, or simply browsing online, there are critical steps you can take to protect yourself and your organization from cyber threats:
- Update Software Regularly: Patches fix known security vulnerabilities. Neglecting updates makes systems more vulnerable.
- Use Strong, Unique Passwords: Avoid using the same password across multiple sites. A password manager can help you securely keep track of different credentials.
- Enable Multi-Factor Authentication (MFA): Adding an extra layer of security makes it much harder for attackers to access your accounts.
- Backup Data Frequently: Having offline data backups can be a lifesaver if your organization falls victim to a ransomware attack.
- Report Incidents Immediately: Report cyber incidents through IC3.gov. The sooner you report, the sooner authorities can act to mitigate further damage.
- Educate Your Team: Employees are often the first line of defense against cyberattacks. Regular training on recognizing phishing attempts and social engineering tactics can significantly reduce the likelihood of successful attacks.
The Road Ahead: Building Cyber Resilience
The digital landscape is rapidly evolving, and San Francisco remains a key target for cybercriminals due to its thriving tech scene and high-value assets. The FBI calls on businesses and communities to treat cybersecurity as a shared responsibility.
Every small action, from installing software patches to reporting suspicious activities, counts toward improving the nation’s overall cyber defense.
“Cybercrime isn’t going away,” concluded Agent Virmani. “But if we work together — if we stay vigilant — we can outsmart the threats before they strike.”
Report a Cybercrime:
If you or your business becomes a victim of cybercrime, report it immediately through the FBI’s Internet Crime Complaint Center (IC3) at: www.IC3.gov
By reporting incidents promptly, you help law enforcement track evolving threats, disrupt cybercriminal operations, and reduce future risks.
