FinCEN Warns Ransomware Payments Hit $2.1B in Three Years
Please note that we are not authorised to provide any investment advice. The content on this page is for information purposes only.
The US Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN), recently issued a Financial Trend Analysis on ransomware incidents in Bank Secrecy Act (BSA) data between 2022 and 2024.
The report, published yesterday, December 4, reflected on the incident that totaled over $2.1 billion in ransomware payments. The FinCEN Director. Andrea Gacki said in the report that banks and other financial institutions play a key role in protecting the economy from ransomware and similar cyber threats.
“By quickly reporting suspicious activity under the Bank Secrecy Act, they provide law enforcement with critical information to help detect cybersecurity trends that can damage our economy. This work is vital to safeguarding our nation’s financial sector and strengthening our national security,” Gacki noted.
According to FinCEN’s report, 2023 was the most damaging year on record, in regard to ransomware. The year has seen 1,512 reported ransomware incidents, which resulted in $1.1 billion in payments, representing a 77% increase compared to the year before.
Figures Declined Slightly in 2024
Interestingly, 2024 then brought a decline in both the number of reported incidents and payment volumes, which is believed to be the result of law enforcement actions that targeted major ransomware groups. However, FinCEN highlighted that activity remained elevated, with 1,476 reported incidents and $724 million in payments.
The report also pointed out operational patterns, such as heavy reliance on The Onion Router (TOR) for victim communication, accounting for 67% of cases where a method was disclosed, and the dominance of ransomware variants, including ALPHV/BlackCat, Akira, LockBit, Phobos, and Black Basta. The top 10 variants alone led to $1.5 billion in payments, according to FinCEN.
The report said that Financial Services, Manufacturing, and Healthcare are among the most impacted industries. The manufacturing industry accounted for 456 incidents and around $284.6 million in reported payments, followed by the financial services industry, which saw 432 incidents and $365.6 million in reported payments. The healthcare industry was the least impacted of the three, but it still saw 389 incidents and $305.4 million in payments.
The report pointed out the critical role of financial institutions in reporting suspicious activity under the BSA, noting that timely filings are essential for detecting emerging threats and supporting national security efforts.
FinCEN concluded the statement by highlighting the complexity of cybersecurity, and noting that it requires a variety of preventive, protective, and preparatory best practices in order to tackle it adequately and further reduce these figures.
