US banks processed approximately $1.2 billion in ransomware payments in 2021 | Techy Kings


A laptop displays a message after being infected with ransomware as part of a worldwide cyber attack on June 27, 2017.

Rob Engelar | AFP | Getty Images

US banks and financial institutions processed about $1.2 billion in potential ransomware payments in 2021, a new record and nearly triple the previous year’s total, according to the federal financial crime watchdog.

The amount represents payments that bank customers have made to potential cybercriminals. US banks report suspicious transactions to federal authorities under the Bank Secrecy Act.

More than half of ransomware attacks are linked to suspected Russian hackers, according to a new report released Tuesday from the Treasury Department’s Financial Crimes Enforcement Network, or FinCEN, which analyzed the data.

The report describes a comprehensive government effort to identify and report ransomware attacks following the May 2021 hack of US-based Colonial Pipeline’s IT network. Company CEO Joseph Blount Jr. paid a Russian-based cybercriminal $5 million. The Justice Department later obtained about half of the ransom.

Leaders from 36 countries and the European Union met Tuesday in Washington to discuss effective countermeasures against the ransomware threat. A ransomware attack is a type of cyber attack in which hackers install malicious software on a computer or server that threatens to release data or block access to it until a ransom is paid.

FinCEN said there were 1,489 ransomware incidents that cost nearly $1.2 billion last year, a big increase from the $416 million in damage recorded in 2020, according to the report.

FinCEN’s analysis covers 2021, with a focus on the second half of the year. The agency said four of the top five ransomware attacks reported during this period were tied to Russia. Around 75% of ransomware-related incidents are also country-related.

The spike in reports may be due to an increase in enforcement since the Colonial Pipeline attack, according to the analysis. The attack shut down pipelines for days, caused fuel shortages in the Southeast and air traffic that snarled much of the US President Joe Biden declared a state of emergency as a result.

In March, Biden signed a measure requiring some businesses to report cyber incidents and certain ransomware payments to the Cybersecurity, Infrastructure and Security Agency. CISA also launched a campaign to reduce the risk of ransomware in January 2021.


Source link