The Financial Crimes Enforcement Network (FinCEN) of the USA has published its periodic Financial Trend Analysis report for January-June 2021. This report analyses threat pattern and trend information extracted from the Suspicious Activity Reports (SARs) filed by financial institutions. The prime focus of this particular report is ransomware pattern and trend information obtained using Bank Secrecy Act (BSA) data.
Ransomware attacks against various sectors in the US have increased in both number and severity since late 2020. Recent ransomware attacks have targeted energy, manufacturing, education, insurance and health care sectors, among others. FinCEN’s report shows that monthly filings of ransomware-related SARs have increased significantly. Between January 1, 2021 and June 30, 2021, financial institutions in the US filed 635 SARs, which is 30% more than the 487 SARs in the entire 2020.
On an average, the total monthly suspicious amount of ransomware transactions in the US during the first half of 2021 was $66.4 million. The most common ransomware-related payment method in these transactions was bitcoin. In fact, over $5.2 billion in outgoing bitcoin transactions in the review period are suspected to be ransomware payments.
FinCEN has also identified various ML typologies related to ransomware attacks in 2021. These include requesting payments in Anonymity-enhanced Cryptocurrencies, not reusing wallet addresses, using mixing services and decentralized exchanges to convert illicit funds, and so on.