US banks processed over $1 billion in ransomware payments last year

Many attacks launched by Russian sources, report claims

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Banks in the United States processed almost $1.2 billion inransomwarepayments last year, a new report has claimed.

The Financial Crimes Enforcement Network (FinCEN) drew on data from the ransomware-related Bank Secrecy Act (BSA) filings throughout 2021, and found such incidents have increased “substantially” year-on-year, with roughly 75% of the reported incidents happening in the second half of the 2021.

Russian actors are to blame for the bulk of these incidents, the report added.

Ransomware rise

Last year, FinCEN received a total of 1,489 ransomware-related filings, collectively worth almost $1.2 billion, which is a 188% increase compared to the year before. In 2020, the organization claims, FinCEN filings totaled $416 million. This doesn’t necessarily have to mean ransomware attacks grew in volume - it can also mean reporting on these incidents improved, the report claims.

What is ransomware and how does it work?>The 10 worst ransomware attacks ever>Check out the best firewalls right now

The report also stated that the values of these incidents did not significantly differ month-to-month, during 2021, with the median incident amount for these transactions being $135,000, up slightly from $102,273 for the first half of the year.

“Today’s report reminds us that ransomware—including attacks perpetrated by Russian-linked actors— remain a serious threat to our national and economic security,” said FinCEN Acting Director Himamauli Das. “It also underscores the importance of BSA filings, which allow us to uncover trends and patterns in support of whole-of-government efforts to prevent and combat ransomware attacks.

Usually, ransomware operators would demand payment in bitcoin, monero, or other cryptocurrencies, and not in fiat. The transactions are faster, and cannot be stopped by an intermediary (unless they’re being sent to a third party such as a cryptocurrency exchange). With coin-mixing services such as Tornado Cash (whose developer got arrested earlier this year), hackers can launder the stolen cryptos.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Researchers have found that state-sponsored actors in Russia and North Korea are using ransomware to fund various state operations.

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Windows PCs targeted by new malware hitting a vulnerable driver

Dangerous Android banking malware looks to trick victims with fake money transfers

Latest Google Pixel update includes surprise launch of Android 15’s best battery feature