The US Treasury’s Financial Crimes Enforcement Network (FinCEN) new analysis report has detailed ransomware activity in Bank Secrecy Act (BSA) data, reaching unprecedented levels between 2022 and 2024, with total reported payments surpassing $2.1 billion.
Editorial
This content has been selected, created and edited by the Finextra editorial team based upon its relevance and interest to our community.
According to FinCEN, 2023 was the most damaging year on record, with 1,512 reported ransomware incidents totaling $1.1 billion in payments, a 77% increase from 2022.
2024 saw a decline in both incidents and payment volumes following law enforcement actions targeting major ransomware groups, though activity remained elevated with 1,476 incidents and $734 million in reported payments.
The report also highlights operational patterns, including heavy reliance on The Onion Router (TOR) for victim communication, accounting for 67% of cases where a method was disclosed, and the dominance of ransomware variants such as ALPHV/BlackCat, Akira, LockBit, Phobos, and Black Basta, with the top ten variants alone accounting for $1.5 billion in payments.
FinCEN emphasised the critical role of financial institutions in reporting suspicious activity under the BSA, stating that timely filings are essential to detecting emerging cyber threats and supporting national security efforts.
FinCEN director Andrea Gacki says: “Banks and other financial institutions play a key role in protecting our economy from ransomware and other cyber threats. By quickly reporting suspicious activity under the Bank Secrecy Act, they provide law enforcement with critical information to help detect cybersecurity trends that can damage our economy. This work is vital to safeguarding our nation’s financial sector and strengthening our national security.”
Source link
#Ransomware #payments #soared #dropping
