- U.S. financial institutions reported a record-setting $1.2 billion worth of ransomware-related filings in 2021, a nearly 200% increase compared to the $416 million in 2020, according to a report published by the Financial Crimes Enforcement Network (FinCEN) on Tuesday.
- The agency said it received 1,489 ransomware-related filings last year compared to 487 in 2020.
- According to FinCEN, Russia-related malware dominated the analysis, with those threat actors linked to the top five highest-grossing ransomware variants.
“Today’s report reminds us that ransomware—including attacks perpetrated by Russian-linked actors— remains a serious threat to our national and economic security,” FinCEN Acting Director Himamauli Das said in a statement. “Financial institutions play a critical role in helping to protect the United States from ransomware-related threats simply by fulfilling their [Bank Secrecy Act] compliance obligations.”
Around 75% of the ransomware-related incidents reported in the latter half of 2021 can be traced back to Russia-affiliated cyber actors, the agency said.
Ransomware is a malicious software that attacks a victim’s files and holds the data hostage until a ransom is paid, usually in Bitcoin, according to FinCEN.
FinCEN's latest analysis is based on data between July 2021 and December 2021 and builds on its October 2021 report, the agency said. The report focuses on ransomware patterns and trends identified in the BSA data for the second half of 2021.
FinCEN’s report is issued pursuant to the Anti-Money Laundering Act of 2020, and was created to track ransomware attacks against U.S. critical infrastructure sectors, businesses and the public.
It’s not clear if the uptick in ransomware-related filings signifies an actual increase in ransomware-related incidents, FinCEN noted. The bump could be related to improved reporting and detection, the agency said.
The report comes as the Biden administration has warned U.S. businesses about the increasing risk of Russia-affiliated cyberattacks.
In March, President Joe Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCA), which requires certain businesses to report cyber incidents and ransomware payments to the Cybersecurity and Infrastructure Security Agency (CISA).