Processing Your Payment

Please do not leave this page until complete. This can take a few moments.

October 19, 2021

Ransomware payments skyrocket in 2021, Treasury report says

Photo | Pixabay
By Zachary Comeau

A new report from the U.S. Department of the Treasury finds that ransomware-related suspicious activity reports (SARs) filed by financial institutions are set for a record year, with the value of reports filed over the first half of this year already increasing by 42% over all of last year’s reports.

The Treasury’s Financial Trend Analysis report on ransomware trends found that the total value of SARs reported in ransomware-related payments during the first half of this year was $590 million, which already blows last year’s total figure of $416 million out of the water. On a monthly basis, that’s $66.4 million per month and a median of $45 million, which is paid mostly in cryptocurrencies like bitcoin.

The report also shed light on the most commen ransomware variants, identifying rEvil/Sodinokibi, Contie, DarkSide, Avaddon and Photos as the most commonly reported.

According to the report, the median ransomware payment made to the top 10 ransomware variants analyzed was $148,400, but payments ranged from as high as $350,000 to just below $74,000.

The department also analyzed 177 wallet addresses identified in SARs, but also used “commercially available tools” to analyze another 423,000 wallet addresses though to be associated with the top 10 ransomware variants. In total, there has been $5.2 billion in cryptocurrency payment sent to those wallet addresses since July 2018, according to the report, although it is not clear if all of those funds were ransomware payments.

If this trend continues, ransomware-related SARs filed this year are projected to have a higher transactional value than reports filed in the previous 10 years combined, the report said.

“This trend potentially reflects the increasing overall prevalence of ransomware-related incidents as well as improved detection and reporting of incidents by covered financial institutions, which may also be related to increased awareness of reporting obligations pertaining to ransomware and willingness to report,” the Treasury said in the report.

Sign up for Enews

Most Recent

Most Recent

0 Comments

Order a PDF