Financial institutions

Ransomware: US Financial Institutions Report Significant Increase in Payments to Cybercriminals

The data “indicates that ransomware poses a growing threat to the U.S. financial industry, businesses, and the public,” the report from the Treasury’s Financial Crimes Enforcement Network said..

The report comes as the Biden administration has sought several ways to cut off the revenue streams of Russian-speaking ransomware groups that have extorted millions of dollars from major US corporations. President Joe Biden asked Russian President Vladimir Putin in June to crack down on cybercriminals operating from Russian soil; US officials are waiting to see if Moscow will take concrete action.

Treasury data includes so-called suspicious activity reports that financial institutions are required to file within 30 days of detecting suspected money laundering or fraud. They cover suspected ransomware-related payments that banks and other companies are aware involve themselves or their customers.

“If current trends continue, SARs filed in 2021 are expected to have a higher ransomware-related transaction value than SARs filed in the previous 10 years combined,” the report said.

The total value of suspicious activity reports related to ransomware filed in the first six months of 2021 was $590 million (some of these transactions took place in 2020), compared to $416 million reported in 2020. increase in reported payments may be due to both the increase in ransomware attacks and greater awareness of threats and detection tools available to organizations, the report states.

The Treasury report “underscores the pervasiveness of ransomware and how it affects many facets of the U.S. economy,” Amy Chang, head of risk and response at cyber insurance firm Resilience, told CNN. .

The report, she added, “provides valuable insights for cybersecurity practitioners, from threat hunting to data modeling to ransom payment considerations.”

After a series of ransomware attacks in recent months on US critical infrastructure, the issue has become an economic and national security priority for the Biden administration.

The White House convened a virtual summit of 30 countries this week to try to find more effective ways to track and prosecute ransomware gangs. Russia was notably absent. The United States has tried to pressure Moscow to curb ransomware attacks in bilateral talks.

Missouri Governor Threatens Lawsuit Against Journalist Who Discovered Social Security Numbers Vulnerability

Meanwhile, US agencies have been looking for other ways to slow down ransomware groups. The Treasury imposed sanctions last month on a cryptocurrency exchange that US officials have accused of doing business with hackers behind eight types of ransomware.

US officials are discouraging companies from paying ransoms because it risks fueling even more hacks. But some companies say they have no choice but to pay the scammers who hold their systems hostage.

Treasury officials also released updated guidance for US companies on how they can avoid breaching US sanctions when paying ransoms.