Cybersecurity

Treasury: $590M paid out by victims of ransomware attacks in first half of 2021

A report released by the Treasury Department Friday found that around $590 million had been paid by victims of ransomware to their attackers in the first six months of 2021, as such attacks skyrocketed. 

The findings were part of a report released by the Treasury’s Financial Crimes Enforcement Network (FinCEN), which concluded that based on suspicious activity reports filed during the first half of 2021, “ransomware is an increasing threat to the U.S. financial sector, businesses, and the public.”

Just over 450 ransomware payments were reported to FinCEN from the beginning of January through end of June, with the amount of suspicious activity reports increasing by 30 percent from last year. The amount paid by victims also massively increased compared to 2020, when $416 million was paid out over the entire year. 

“Ransomware actors are criminals who are enabled by gaps in compliance regimes across the global virtual currency ecosystem,” Deputy Treasury Secretary Wally Adeyemo said in a statement Friday. “Treasury is helping to stop ransomware attacks by making it difficult for criminals to profit from their crimes, but we need partners in the private sector to help prevent this illicit activity.”

The report found that bitcoin was the most common payment method for victims to pay ransomware demands, highlighting an increasing area of concern for officials as a result of ransomware payments. The Treasury Department issued its first sanctions against a virtual currency exchange last month, targeting SUEX CO. for allegedly facilitating ransomware payments. 

Ransomware attacks have become an increasing concern over the past year, particularly during the COVID-19 pandemic, when malicious actors have taken advantage of more people moving online for various activities. 

Hospitals, schools and government organizations have been hit, alongside companies critical to supply chains, such as the ransomware attacks on Colonial Pipeline and meat producer JBS USA in May. 

The report was released following a two-day meeting hosted by the White House and involving the participation of over 30 countries aimed at strengthening global cooperation to confront ransomware attacks, with several nations participating reporting attacks on hospitals during the COVID-19 pandemic. 

The nations were particularly concerned with the use of cryptocurrency exchanges for ransomware attack payments, and vowed to take “concerted efforts” to disrupt illicit financial mechanisms that fueled the growth of ransomware attacks.