United States financial institutions report that over $1 billion in ransomware payments were made in 2021, more than double the amount paid in 2020 ($500 million). The staggering figure is the highest ever reported, and is a dangerous omen for what is sure to be an even larger number in 2022.
As first reported by CNN, all five hacking tools that were used for the majority of ransomware payments were connected to Russian hackers.
The Biden administration is meeting with the governments of 36 allied nations this week in Washington, D.C. to discuss the “illicit flow of ransom payments” and cybersecurity best practices, according to CNN. Yet Russia and its hackers remain off the agenda.
It’s unclear whether the record ransomware number reflects improved reporting of ransomware attacks and ransoms paid, or whether it is truly a record-setting amount of ransoms paid. There have been conflicting reports about ransomware attacks and their frequency as cryptocurrency prices have been on a downward trend for much of 2022.
Cryptocurrency, mostly bitcoin, remains the ransom crypto of choice for cybercriminals and hackers. Although it is not anonymous, it is frequently “laundered” through “crypto cleansing” blockchains to at least obfuscate its movement. Sophisticated cryptocurrency researchers and federal agencies such as the FBI can still trace it, however.
The US government still does not have clear guidance on requiring companies to disclose ransomware attacks. A March law requires “certain companies” to disclose ransomware attacks and payments to the Department of Homeland Security (DHS). But it is a far cry from what is needed for full transparency.
This leaves cybercriminals emboldened to continue to pursue ransomware attacks and profit extraordinarily from their efforts.
Ransomware-as-a-Service has even become a thing on the dark web, and has been successfully leveraged in previous attacks, such as the one on the Los Angeles Unified School District.