According to a federal financial crimes monitor, U.S. banks and financial institutions received about $1.2 billion in potential ransomware payments in 2021, setting a new record and more than tripling the amount from the previous year.
The sum reflects payments that bank customers may have made to potential cybercriminals. In accordance with the Bank Secrecy Act, U.S. banks notify federal authorities of the suspected transactions.
The report is a result of a broad government initiative to track down and disclose ransomware assaults in the wake of the May 2021 hack of Colonial Pipeline, an American company. CEO Joseph Blount Jr. of the company gave $5 million to cyberterrorists operating in Russia. Later, the Department of Justice was able to get back about half of the ransom.
Tuesday in Washington, leaders from 36 nations and the European Union gathered to explore effective ways to combat threats from ransomware. A hacker installs malicious software on a computer or server to launch a ransomware assault, which prevents access to data or threatens to release it unless the ransom is paid.
According to the study, FinCEN reported 1,489 ransomware instances that cost close to $1.2 billion last year, a significant increase from the $416 million in damages noted in 2020.
The second half of the year is the focus of FinCEN’s study for 2021. According to the agency, Russia is responsible for four of the top five ransomware assaults that were reported during this time. The nation is also involved in over 75% of ransomware-related events.
The study suggests that the increase in complaints may be related to increased enforcement following the attack on the Colonial Pipeline. President Joe Biden issued a state of emergency as a result of the attack, which resulted in gasoline shortages in the Southeast and backed up air travel across much of the United States for days.
A law that requires some organizations to disclose specific cyber breaches and ransomware payments to the Cybersecurity, Infrastructure and Security Agency was signed by Biden in March. In January 2021, CISA also started a campaign to lessen the dangers of ransomware.