Ransomware report

Treasury Department Says Ransomware Payments in 2021 Reached Nearly $1.2B

The Department of the Treasury said financial institutions across the U.S. processed nearly $1.2 billion in ransomware payments in 2021, representing a nearly 200 percent on-year increase.

According to a report from the Financial Crimes Enforcement Network, a bureau within the Treasury Department, the sharp increase indicates that ransomware remains a significant threat to businesses and critical infrastructure. The report noted that most of the ransomware activity took place in the second half of 2021, with 75 percent of the intrusions attributed to Russian cybercriminals.

The report also revealed that despite efforts to protect customer data, hackers continue to target the financial sector because of organizations’ willingness to pay, SC Media reported.

Michael Bruemmer, global vice president of cybersecurity company Experian, said many organizations prefer not to report ransomware attacks to authorities out of fear of public scrutiny or concerns with government penalties. A study by IT security company Sophos issued on Oct. 11 found that 52 percent of financial institutions that were hit by ransomware attacks paid the ransom.

Drew Schmitt, a ransomware negotiator and principal threat intelligence analyst at GuidePoint Security, said ransomware groups are using double extortion attacks, where they steal data and exfiltrate them before encryption. According to Schmitt, some hackers tell their victims that they would leak the stolen data to their competitors.

Bruemmer also shared that cryptocurrency has allowed hackers to ramp up their attacks. According to a report from the Senate Committee on Homeland Security and Governmental Affairs, the decentralized nature of cryptocurrency allows ransomware groups to move illicit proceeds across different countries while making them difficult to track.

During the White House’s International Counter Ransomware Initiative, the White House said CRI members would share information about crypto wallets used for money laundering and would introduce other steps to prevent crypto-enabled money laundering.