Published on: 2025-04-15

Intelligence Report: FBI Says Enable 2FA Now As Cyber Attacks Surge – Forbes

1. BLUF (Bottom Line Up Front)

The surge in ransomware attacks, notably led by groups such as Clop, FunkSec, and Medusa, underscores the critical need for enhanced cybersecurity measures. The FBI strongly recommends the implementation of two-factor authentication (2FA) as an immediate and effective defense against these threats. Despite a decrease in ransom demands, the frequency of attacks is increasing, posing significant risks to organizations globally.

2. Detailed Analysis

The following structured analytic techniques have been applied for this analysis:

General Analysis

The current landscape of cyber extortion is characterized by a notable increase in ransomware attacks, with a significant rise in the number of victims. Clop has emerged as a dominant threat actor, responsible for 35% of all victims on data-leak sites in February 2025. This represents a staggering 1,400% increase in their activity. FunkSec and Medusa also contribute to the growing threat, with FunkSec adding 152 victims this quarter. The disruption of other ransomware gangs in late 2024 has likely contributed to the rise of ransomware-as-a-service activities.

3. Implications and Strategic Risks

The escalation in ransomware attacks poses substantial risks to national security, economic stability, and organizational integrity. The increased frequency and sophistication of these attacks threaten critical infrastructure and sensitive data. The reliance on digital systems across sectors amplifies the potential impact of such cyber threats, necessitating urgent and coordinated responses from both public and private entities.

4. Recommendations and Outlook

Recommendations:

• Implement two-factor authentication for all critical systems and services, especially webmail and VPNs.
• Adopt robust password policies, including the use of long passwords and minimizing frequent password changes.
• Maintain multiple, securely stored copies of sensitive data to mitigate data loss during attacks.
• Enhance collaboration between government agencies and private sectors to share threat intelligence and best practices.

Outlook:

In the best-case scenario, widespread adoption of recommended cybersecurity measures will reduce the success rate of ransomware attacks. In the worst-case scenario, failure to implement these measures could lead to increased attacks and significant economic and operational disruptions. The most likely outcome is a continued rise in attacks, with organizations gradually improving their defenses in response.

5. Key Individuals and Entities

The report highlights the activities of significant threat groups such as Clop, FunkSec, and Medusa. These entities are central to the current surge in ransomware attacks and are critical targets for cybersecurity efforts.