A new analysis by the Department of Justice's Financial Crimes Enforcement Network (FinCEN) says Russian actors accounted for roughly three-quarters of the ransomware incidents that were reported in the second half of 2021, which helped explain the sharp increase in ransomware attacks that was observed in 2021 compared to 2020.
A 188% increase from the previous year, FinCEN reported receiving 1,489 ransomware-related files totaling approximately $1.2 billion in 2021.
According to the report, 75% of the 793 ransomware occurrences that FinCEN received in the second half of 2021 "had a nexus to Russia, its proxies, or persons acting on its behalf."
Earlier in October, FinCEN released a larger report demonstrating that the amount of money lost to ransomware attacks climbed from $527 million in 2020 to $886 million in 2021, suggesting a 68% rise in the cost of harmful assaults.
Officials recorded 1,251 ransomware attacks in 2021, compared to only 602 occurrences in 2020.
This newer report concentrated on ransomware variants, or unique versions of ransomware, and the prevalence of Russian operators in malware distribution. During the assessment period in 2021, FinCEN authors examined 84 unique ransomware variants and identified approximately 58% as being associated with suspected Russian cyber attackers.
In order to combat the growing threat of ransomware and other cybercrime, including the illegal use of cryptocurrency, Washington is convening a summit this week with representatives from 36 countries and the European Union, as well as 13 multinational firms.
"We may approach the challenge of ransomware with a different lens - and in some cases, an entirely different set of tools - but we are all here because we know that ransomware remains a critical threat to victims across the globe and continues to be profitable for bad actors," Deputy Treasury Secretary Wally Adeyemo said.
Data of victims is encrypted using ransomware, and hackers provide the victim with a key in exchange for cryptocurrency payments that can amount to millions of dollars.
As the U.S. takes part in the second International Counter Ransomware Initiative Summit, the study makes its premiere. Russia's cyber activity will be a hot topic because the country's invasion of Ukraine heightened geopolitical tensions and opened the door for additional potential state-sponsored cyberattacks by Russia against the U.S. and its allies.
A U.S. Treasury official stated on Tuesday that the department successfully thwarted intrusions by a hacker organization that was pro-Russian last month, preventing disruption. He cited this as an illustration of the department's more aggressive approach to financial system protection.
