US banks processed over $1 billion in ransomware payments last year

(Image credit: Pixabay)

Banks in the United States processed almost $1.2 billion in ransomware payments last year, a new report has claimed.

The Financial Crimes Enforcement Network (FinCEN) drew on data from the ransomware-related Bank Secrecy Act (BSA) filings throughout 2021, and found such incidents have increased “substantially” year-on-year, with roughly 75% of the reported incidents happening in the second half of the 2021.

Russian actors are to blame for the bulk of these incidents, the report added.

Ransomware rise

Last year, FinCEN received a total of 1,489 ransomware-related filings, collectively worth almost $1.2 billion, which is a 188% increase compared to the year before. In 2020, the organization claims, FinCEN filings totaled $416 million. This doesn’t necessarily have to mean ransomware attacks grew in volume - it can also mean reporting on these incidents improved, the report claims. 

The report also stated that the values of these incidents did not significantly differ month-to-month, during 2021, with the median incident amount for these transactions being $135,000, up slightly from $102,273 for the first half of the year.

“Today’s report reminds us that ransomware—including attacks perpetrated by Russian-linked actors— remain a serious threat to our national and economic security,” said FinCEN Acting Director Himamauli Das. “It also underscores the importance of BSA filings, which allow us to uncover trends and patterns in support of whole-of-government efforts to prevent and combat ransomware attacks.

Usually, ransomware operators would demand payment in bitcoin, monero, or other cryptocurrencies, and not in fiat. The transactions are faster, and cannot be stopped by an intermediary (unless they’re being sent to a third party such as a cryptocurrency exchange). With coin-mixing services such as Tornado Cash (whose developer got arrested earlier this year), hackers can launder the stolen cryptos. 

Researchers have found that state-sponsored actors in Russia and North Korea are using ransomware to fund various state operations. 

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.