The Federal Trade Commission (FTC) has released its second report to Congress, focusing on the agency's initiatives to fight ransomware and various cyberattacks. This report is part of the requirements set by the Reporting Attacks from Nations Selected for Oversight and Monitoring Web Attacks and Ransomware from Enemies Act (RANSOMWARE Act).

In the initial report from 2023, the FTC outlined its activities related to cyber threats from countries such as China, Russia, North Korea, and Iran. The latest 2025 Ransomware Report serves as an update, showcasing the FTC's ongoing commitment to tackling ransomware and other cyber threats.

The report highlights the FTC's data security enforcement program, which aims to ensure that companies take adequate measures to protect personal data. To date, the FTC has initiated over 90 enforcement actions with positive outcomes, including settlements with companies like GoDaddy and Illuminate Education.

Additionally, the FTC has targeted individuals involved in tech support scams and has been proactive in educating both consumers and businesses on how to safeguard their data against cyberattacks. This includes providing timely alerts and advice on malware, cybersecurity, and tech support scams.

The Commission's vote to approve the 2025 report was unanimous, with a 2-0 decision.