US FinCEN watchdog reports that companies may have forked out nearly US$600 million in ransomware payments through 2021
According to a report by the FinCEN watchdog organization, businesses worldwide likely paid ransomware attackers almost US$600 million in aggregate, in an attempt to secure compromised data. The FinCEN’s report states that banks and crypto exchanges reported transactions in this volume specifically to pay off ransomware threats.
This represents a marked increase in ransomware losses year on year. In 2020, for instance, businesses paid out US$416 million to ransomware attackers. The 2021 numbers are already worse, despite the year not having ended. In addition to the direct impact, the FinCEN states that “Suspicious Activity Reports” tie an additional US$5.2 billion to ransomware activities, as cybercriminals launder their money through crypto mixers.
Following the infamous WannaCry attack in 2017, ransomware attacks have been on the rise, followed by Petya, Bad Rabbit, and others. The increasing adoption of cryptocurrencies and the anonymity that the blockchain offers means that many ransomware packages demand payment exclusively with crypto. But with governments like China increasingly cracking down on the crypto industry, on the whole, we expect the nature of ransomware attacks and ransomware demands to evolve.