RICHMOND, Va. (WWBT) – Cyber security experts say they’re seeing an uptick in cyber attacks online.
“It’s high intensity, and we try to bring calm to that storm. We very frequently deal with organizations that have been completely taken down by things like ransomware, or their business has completely lost operations and the ability to function. We work on behalf of them to try and recover systems and get them back online,” Mark Lance, Ransomware Negotiator with GuidePoint Security, said.
Lance’s work schedule is no 9-5 either. He works multiple cases at a time which includes working off-hours in order to be readily available to victims in need, or to negotiate with cyber criminals.
Even making a deal with them could take days to even a couple of weeks, according to Lance.
“Sometimes, the intent is to clean up as much information as we can from the cyber criminals that can be used as part of the investigation. Other times, businesses might determine we might actually need to pay the ransom to prevent certain information from being publicly posted,” he said.
Lance said the number of ransomware cases continue to climb. GuidePoint Security saw a 45 percent increase in cases over the last year.
According to a new report by Comparitech, there were 445 confirmed ransomware attacks, with 260 targeting businesses, 93 going after government entities, 52 attacking healthcare companies and 40 targeting educational institutions in the first half of 2025.
The culprits are much more developed than most think.
“They continue to evolve over time. We’re seeing how these cyber criminals leverage A-I. They’re using the same tools to make themselves more efficient,” he said.
And most of the time, they’re not acting alone.
“These organizations are fully-fledged businesses that have PR teams, they have financial review and financial analysts who determine the amount of ransoms, and they have troubleshooting and support engineering teams,” he said.
Lance says cyber criminals are everywhere, but most are usually based in Eastern Europe.
That’s mainly because there is less law enforcement there, focused on hacking and cybercrimes and a very low chance of extradition.
There are also outlier groups located in North Korea, the United Kingdom, and even here in the country.
Thankfully, there are ways to protect yourself from falling victim.
Lance said don’t click on certain online links or text messages, be careful who you communicate with online, and never share your personal information.
If it seems too good to be true then it probably is.
“Everyone’s got information that could potentially leverage for extortion purposes,” Lance said.
Copyright 2025 WWBT. All rights reserved.
