The report highlights three main types of FTC activity: (1) data‑security enforcement (the Commission’s data‑security enforcement program and more than 90 enforcement actions to date, including recent settlements with GoDaddy and Illuminate Education); (2) law‑enforcement and investigative work against bad actors (including actions against tech‑support and cross‑border fraud schemes that facilitate ransomware and related attacks); and (3) consumer and business outreach and education (alerts, guidance, and advice on malware, cybersecurity hygiene, and tech‑support scams).
Yes. The report includes consumer‑ and business‑facing guidance and alerts—updated advice about malware, cybersecurity best practices, and tech‑support scams—and points readers to FTC resources and alerts to reduce ransomware risk.
The FTC relies primarily on Section 5 of the FTC Act (the agency’s authority to stop unfair or deceptive acts or practices) as its core legal basis for civil data‑security and consumer‑protection enforcement; it also enforces industry‑specific consumer‑protection statutes where applicable. The RANSOMWARE Act (the 2023 law mandating these reports) requires the Commission to report to Congress on its ransomware work.
The report says the FTC coordinates with counterpart agencies and law‑enforcement partners—sharing intelligence, referring criminal matters to prosecutors, and participating in interagency efforts—but it frames the role mainly as cooperative (policy, enforcement referrals, and information‑sharing) rather than describing a single new joint program in the 2025 update.
Yes. The report highlights FTC enforcement work and references favorable outcomes and settlements (for example, settlements with GoDaddy and Illuminate Education) as examples of the agency’s data‑security enforcement affecting cyber‑related incidents, and it summarizes types of cases the Commission has brought.
The report does not propose a single congressional package in the press release summary; it instead fulfills the RANSOMWARE Act reporting requirement and focuses on FTC activities (enforcement, education, and coordination). It does not list a boxed set of legislative or funding requests for Congress in the press summary.