I can't think of anything that's off limits to them': FBI slams cybercriminals for attacking schools, hospitals, as crypto fraud soars

News
By published

New FBI IC3 report reveals some shocking stats

ransomware avast
(Image credit: Avast)
  • FBI’s 2025 Internet Crime Report shows $17.6 billion stolen in the year
  • Cyber-enabled fraud and investment scams caused biggest losses
  • Ransomware hit hospitals, schools, and critical infrastructure indiscriminately

The FBI has slammed cybercriminals for carrying out indiscriminate attacks against some of the most vulnerable elements of society, including schools and hospitals.

The US law enforcement agency presented its annual Internet Crime Complaint center (ICR) report for 2025, giving a snapshot of criminal activities, their effects on citizens, and their efforts to combat the threat.

And as per the report, cybercriminals stole a shocking $17.6 billion in 2025 - mostly through scams and fraud.

Article continues below

Fraud hits new highs

Cyber-enabled fraud, where crooks trick people into giving away money, data, identities, or are fooled into purchasing counterfeit goods and services, makes up almost 85% of all losses. At the same time, cyber-enabled fraud made up less than half (45%) of all complaints the IC3 received last year (1,008,597 in total).

This means that the biggest losses, on average, are in cyber-enabled fraud.

Investment fraud, where victims are tricked into “investing” their money on fake cryptocurrency exchanges, and into crypto tokens that either appreciate in value incredibly fast, or offer high yields for staking, were the second-biggest type of attack.

Here, victims lost $8.6 billion last year. In third place is Business Email Compromise (BEC), where criminals break into an executive’s email account and order their employees to quietly make a wire transfer.

Targeting hospitals

But the biggest shame about cybercrime is not in the money the criminals take - it’s who they are taking it from. Hospitals, schools, emergency responders, and city government agencies, to name a few.

During a presentation of the findings, Cyber Division Section Chief Taushiana Bright said there’s been a surge in the number of ransomware variants circulating online today. At the moment, the IC3 is investigating more than 200 variants, actors, and enablers, 63 of which were identified last year.

“Cybercriminals have indiscriminately attacked hospitals, emergency responders, schools and entire city governments. I can't think of anything that's off limits to them,” Bright said.

In total, the IC3 received 3,611 complaints, which resulted in $32 million in losses. This is up from 3,156 complaints in 2024, when $12 million were lost. While this might not sound like much, the IC3 stresses that many ransomware attacks are still not being reported to the authorities. Some, truth be told, get reported at a later date, as well.

Hitting critical infrastructure

Electrical pylons and high voltage power lines are behind a barbed wire fence. critical infrastructure

Cybercriminals are increasingly targeting critical infrastructure (Image credit: Shutterstock)

Critical infrastructure, and its 16 sectors that are essential to national security, economic stability, and public health, continue facing sustained ransomware pressure, the report finds. These attacks have disproportionately impacted these sectors, with the IC3 recording at least 655 ransomware incidents affecting organizations within these sectors.

Those incidents resulted in more than $261 million in reported losses, though the report cautions that the real financial impact is likely significantly higher due to unaccounted costs such as downtime and remediation. Authorities were able to freeze approximately $146 million tied to these cases, reflecting a partial but meaningful response.

There used to be a time when even cybercriminals had a code of conduct. During the Covid years, ransomware operators DarkSide and LockBit specifically instructed their affiliates not to target hospitals, and LockBit even publicly disavowed an affiliate after striking Toronto’s SickKids children’s hospital.

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.