FTC issues second report to Congress on ransomware and cyberattacks

The Federal Trade Commission issued a second report to Congress on its efforts to combat ransomware and other cyberattacks. The submission fulfills requirements under the Reporting Attacks from Nations Selected for Oversight and Monitoring Web Attacks and Ransomware from Enemies Act. The law directs the agency to update Congress on its work against cyberattacks. An initial report in 2023 covered FTC activities related to China, Russia, North Korea and Iran, along with steps to address ransomware and other threats. The 2025 Ransomware Report updates those activities and describes the agency's data security enforcement program. That program seeks to ensure companies protect personal data they hold. The FTC has filed more than 90 enforcement actions that produced favorable outcomes, including settlements with GoDaddy and Illuminate Education. The agency has also pursued parties involved in tech support scams. It has issued alerts and guidance for consumers and businesses on malware, cybersecurity and tech support scams. The Commission approved the report