Today’s cyber landscape has provided ample opportunities for criminals and adversaries to target U.S. networks, attack our critical infrastructure, hold our money and data for ransom, facilitate large-scale fraud schemes, and threaten our national security. At the FBI, we know “cyber risk is business risk” and “cyber security is national security.”
There is no shortage of recent examples showing the wide-ranging economic and national security effects of cyber crimes. We have seen cyber threats emanate from around the world and witnessed the scope and sophistication of these scams and attacks deepen. As these threats increase, we continue to encourage victims to report cyber incidents and cyber-enabled frauds to the FBI so that we may impose risks and consequences on malicious cyber actors.
Because cyberattacks and cyber-enabled frauds continue to affect our everyday lives, the FBI’s Internet Crime Complaint Center (IC3) is critical to combatting the cyber threat. The IC3 serves as a public resource to submit reports of cyberattacks and incidents, which allows us to collect data, identify trends, and pursue the threat at hand. In 2022, the IC3 received 800,944 complaints, which is a 5 percent decrease from 2021. However, the potential total loss has grown from $6.9 billion in 2021 to more than $10.2 billion in 2022. While the number of reported ransomware incidents has decreased, we know not everyone who has experienced a ransomware incident has reported to the IC3. As such, we assess ransomware remains a serious threat to the public and to our economy, and the FBI and our partners will remain focused on disrupting ransomware actors and increasing the risks of engaging in this activity. In concert, the public can play a crucial role by taking proactive measures to prevent and prepare for a potential cyber attack and, if there is an incident, by reporting it to the FBI through the IC3. Though cybercriminals are continuously seeking to make their attacks more resilient, more disruptive, and harder to counter, public reporting to the IC3 helps us gain a better understanding of the threats we face daily.
The FBI’s commitment to assisting victims of cyber crimes and cyber-enabled frauds, as well as our dedication to working with partners to combat these crimes, allows for continued success through programs such as the IC3’s Recovery Asset Team (RAT). Established in 2018, RAT streamlines communications with financial institutions and FBI field offices to assist freezing of funds for victims. In 2022, RAT initiated the Financial Fraud Kill Chain (FFKC) on 2,838 Business Email Compromise (BEC) complaints involving domestic-to-domestic transactions with potential losses of over $590 million. A monetary hold was placed on approximately $433 million, which represents a 73 percent success rate. In 2022, RAT saw a 64 percent increase in FFKCs initiated compared to 2021.
While the cyber threat is ever-growing, the FBI remains appreciative of those individuals and entities who report cyber incidents to the IC3, as that valuable information helps fill in gaps that are crucial to advancing our investigations. Your efforts are critical to our ability to pursue the perpetrators and share intelligence to protect your fellow citizens. Cyber is the ultimate team sport, and we are in this fight together. The FBI is relentlessly focused on promoting safety, security, and confidence into our digitally connected world, and we are eager to continue working with the American public to bring cybercriminals to justice around the globe.
Today’s FBI is an intelligence-driven and threat focused national security organization with both intelligence and law enforcement responsibilities. We are focused on protecting the American people from terrorism, espionage, cyber-attacks, and major criminal threats which are increasingly emanating from our digitally connected world. To do that, the FBI leverages the IC3 as a mechanism to gather intelligence and internet crime so that we can support the public and our many partners with information, services, support, training, and leadership to stay ahead of the threat.
The IC3 was established in May 2000 to receive complaints crossing the spectrum of cyber matters, to include online fraud in its many forms including Intellectual Property Rights (IPR) matters, Computer Intrusions (Hacking), Economic Espionage (Theft of Trade Secrets), Online Extortion, International Money Laundering, Identity Theft, and a growing list of Internet facilitated crimes. As of December 31, 2022, the IC3 has received over seven million complaints. The IC3 mission to provide the public and our partners with a reliable and convenient reporting mechanism to submit information concerning suspected cyber-enabled criminal activity and to develop effective alliances with law enforcement and industry partners to help those who report. Information is analyzed and disseminated for investigative and intelligence purposes for law enforcement and public awareness.
The information submitted to the IC3 can be impactful in the individual complaints, but it is most impactful and in the aggregate. That is, when these individual complaints are combined with other data, it allows the FBI to connect complaints, investigate reported crimes, track trends and threats, and, in some cases, even freeze stolen funds. Just as importantly, the IC3 shares reports of crime throughout its vast network of FBI field offices and law enforcement partners, strengthening our nation’s collective response both locally and nationally.
To promote public awareness and as part of its prevention mission, the IC3 aggregates the submitted data and produces an annual report on the trends impacting the public as well as routinely providing intelligence reports about trends. The success of these efforts is directly related to the quality of the data submitted by the public through the public, www.ic3.gov interface. Their efforts help the IC3, and the FBI better protect their fellow citizens.
March 17, 2023 Published by The FBI US Gov. (Download Report in PDF)