The U.S. Financial Crimes Enforcement Network (FinCEN) recently revealed that Bitcoin is the most popular payment method among ransomware operators. This news alone would've been easy to guess—cryptocurrency and criminal activity go together like pancakes and syrup—but the sheer scope of those payments was previously unknown. FinCEN said it believes $5.2 billion worth of Bitcoin transactions have been linked to ransomware.
The agency's findings, which BleepingComputer reported on October 15, were published in a report titled "Ransomware Trends in Bank Secrecy Act Data Between January 2021 and June 2021." The report described the increasingly pervasive nature of ransomware attacks as well as the rising amount of money these attacks can net their operators. Ransomware isn't having a moment; it's establishing a long reign.
FinCEN said that its analysis of Suspicious Activity Reports (SARs) related to ransomware that were filed during the first half of 2021 "indicates that ransomware is an increasing threat to the U.S. financial sector, businesses, and the public." The agency said 487 SARs were filed in 2020, but that number saw a 30 percent increase between January and June alone with a total of 635 SARs filed in that period.
That means there are more ransomware-related SARs being filed than ever before. Their value has also risen: "The total value of suspicious activity reported in ransomware-related SARs during the first six months of 2021 was $590 million," FinCEN said, "which exceeds the value reported for the entirety of 2020 ($416 million)." The average transaction amount rose from $100,000 to $102,273 as well.
So ransomware is becoming more common and slightly more expensive, which means leading attackers can bring in more money than ever before, even though FinCEN's report only covered the first half of the year. Unless these attacks slow down—and continued efforts to disrupt the REvil hacker group might help in that regard—things probably won't improve much for the second half of the year.
