
FinCEN: Ransomware Gangs Extorted Over $2.1B from 2022 to 2024

 

FinCEN’s most recent report has revealed that ransomware activity reached a new peak in 2023, accumulating over $1.1 billion in payments before a decline in 2024, as law enforcement pursued major gangs such as ALPHV/BlackCat and LockBit. Overall, FinCEN data reveals $2.1 billion in ransoms paid from 2022 through 2024, and about $4.5 billion from 2013 to 2024.

FinCEN’s findings draw on thousands of Bank Secrecy Act reports, which registered 4,194 ransomware incidents between January 2022 and December 2024. Ransomware earnings peaked in 2023 with 1,512 incidents and a 77% increase in payouts from 2022, but dropped to nearly $734 million across 1,476 incidents during 2024, a decrease attributed to the global disruption of the BlackCat and LockBit operations. These takedowns left affiliates to either transition to other ransomware brands or try to rebuild.

The report does note that most single ransom amounts were under $250,000, although some sectors consistently took the biggest hits. By number of incidents, manufacturing, financial services, healthcare, retail, and legal services were the most frequently targeted industries from 2022 to 2024. By total losses, financial services led with about $365.6 million paid, followed by healthcare, manufacturing, science and technology, and retail, each suffering hundreds of millions in extorted funds.

Over the period under review, FinCEN counted 267 unique ransomware families; however, a handful caused the majority of the damage. Akira accounted for the most reports (376), followed by ALPHV/BlackCat with the highest earnings at close to $395 million, and LockBit with $252.4 million. The top 10 most active groups accounted for a combined $1.5 billion between 2022 and 2024, and included Black Basta, Royal, BianLian, Hive, Medusa, and Phobos.

The flow of money is still largely in cryptocurrency, with around 97% of ransom payments in Bitcoin and the remainder in Monero, Ether, Litecoin and Tether.

Notification of Ransomware Incident to FBI

FinCEN stressed that routine, detailed reporting of ransomware incidents to the FBI and of ransom payments to FinCEN continues to be critical to enable tracking of funds, further disrupt them, and sustain the pressure that resulted in the decline noted in 2024.

Ransomware Crimes: More Than $1 Billion Netted in 2021


Cybercrime victims shelled out a record $1.2 billion last year to have their data returned, as ransomware attacks have significantly increased in size and intensity, according to the latest federal data.

According to a report by the Financial Crimes Enforcement Network (FinCEN), banks processed over a billion dollars in transactions last year that were presumably ransomware payments. The report concluded that this amount is more than double the amount of money from 2020. The top five highest-paid ransomware incidents all involved attackers with connections to Russia, FinCEN added.

The report “reminds us that ransomware – including attacks perpetrated by Russia-linked actors – remains a serious threat to our nation and economic security,” said Himamauli Das, FinCEN’s acting director, in a statement given this week.

Ransomware is a kind of malware that gives hackers access to victims’ digital devices and locks owners out of their own files and data. The hacker then threatens the victims, demanding a ransom payment in exchange for restoring access to the files.

FinCEN, established in 1990, is an arm of the U.S. Department of the Treasury. It is in charge of tracking international money laundering, terrorist financing, and other financial crimes.

According to a report by FinCEN, hackers initially targeted individuals with ransomware attacks, but later advanced to targeting company giants and demanding bigger ransom payouts. In 2019, hackers created a variation of the ransomware attack known as ‘double extortion’, in which they block owners from accessing their files and threaten to leak personal or humiliating data to the public if their demands are not met.

The year 2021 witnessed some of the biggest ransomware attacks on record, aimed at large companies and nonprofits. A Russian hacking group, for example, attacked Colonial Pipeline, one of the largest pipelines in the U.S., in May 2021. The company later paid the ransom amount of $4.3 million in order to retrieve its stolen data. However, the federal authorities eventually recovered at least $2.3 million of the paid ransom. Additionally, hackers also attacked organizations like Planned Parenthood, Sinclair Broadcasting, Shutterfly, and payroll processing company Kronos last year.

According to FinCEN, organizations reported 1,489 ransomware assaults in total in 2021, up 188% from the year 2020. 

More recently, a ransomware attack last May marked the last straw for Lincoln College, a historically Black College in rural central Illinois that opened in 1865. The school gave hackers a $100,000 ransom, a payout that compounded financial troubles caused by plummeting enrollment in recent years. The 157-year-old institution shuttered in May. 

Ransomware attacks have recently increased in frequency with the growth of remote work and e-learning, and educational institutions have become more prone to the attacks.

With regard to the ongoing ransomware attacks, the Biden administration this week conducted a two-day summit, attended by around three dozen nations, the European Union, and a number of private-sector organizations, in order to find the best ways to combat the attacks.

U.S. President Biden also signed a new law, earlier this year, that requires owners of factories, banks, nuclear reactors, and other critical infrastructure operations to report when (or if) their computer systems or servers are attacked by ransomware. However, reporting is currently optional for the ransom victims, making it difficult to calculate the full impact of the crime.

FinCEN Chief Blanco warns of Wide Scale Virtual Currency Scams


The Financial Crimes Enforcement Network (FinCEN) is keeping a close watch on financial scams involving virtual currency payments as the COVID-19 pandemic opens new areas of exploitation, said Director Ken Blanco.

As we are stuck in an unfortunate period of emergency, these scammers are exploiting this vulnerability with schemes ranging from extortion, ransomware, and the sale of fraudulent medical products to initial coin offering investment scams.

“This type of cybercrime in the COVID-19 environment is especially despicable, because these criminals leverage altered business operations, decreased mobility, and increased anxiety to prey on those seeking critical healthcare information and supplies, including the elderly and infirm,” the Financial Crimes Enforcement Network chief told the virtual Consensus Blockchain Conference in a video conference.

Blanco stressed the need for collaborating with other law enforcement agencies and working together to beat this issue by generating much-needed funds to help the recipients and for financial survival.

“The need for our collaboration is clear and undeniable,” he stated.

He further delved into the cyber crimes occurring because of COVID-19. As much of the population and many government employees are working from home, cybercriminals are attacking vulnerabilities in remote applications like VPNs (virtual private networks) and the remote desktop protocol in order to steal information. Blanco advised companies to exercise due diligence and to advise their customers to do the same.

“Financial institutions should consider the risks of the current environment in their business processes, and the appropriate level of assurance needed for digital identity solutions to mitigate criminal exploitation of your products and platforms.”

FinCEN has also worked with other law enforcement initiatives like the Joint Criminal Opioid Darknet Enforcement (J-CODE) and National Cyber Investigative Joint Task Force (NCIJTF) in cases like criminals exploiting crypto for the purchase of fentanyl.

The virtual currency business has to be very vigilant and properly scrutinized, as there are a number of miscreants persistently attacking their onboarding and authentication processes. Since 2013, FinCEN has received nearly 70,000 Suspicious Activity Reports (SARs) of cryptocurrency fraud alone. During COVID-19, this threat becomes tenfold.