(Bloomberg) -- Suspicious activity reports related to ransomware jumped significantly in 2021, according to the U.S. Treasury Department’s Financial Crimes Enforcement Network.
There was $590 million in suspicious activity related to ransomware in the first six months of 2021, exceeding the entire amount in 2020, when $416 million was reported, according to the report. “The mean average total monthly suspicious amount of ransomware transactions was $66.4 million and the median average was $45 million.” U.S.-based cybersecurity firms filed many of the suspicious activity reports.
The Treasury Department also identified 68 ransomware variants, noting that the most commonly reported variants were REvil, Conti and DarkSide.
The report was filed as the Treasury Department issued guidance to the virtual currency industry to prevent exploitation by entities sanctioned by the U.S. and ransomware actors. It is part of a broader effort by the Biden administration to crackdown on ransomware attacks, which have soared in recent years. In ransomware attacks, hackers encrypt a victim’s files and promise to unlock them if they are paid a fee.
Among the more notable attacks was one on Colonial Pipeline Co. in May that squeezed fuel supplies on the East Coast and another that month on the meatpacker JBS SA.
The Treasury report stated that ransomware actors are increasingly requesting payment in crypto currencies like Monero, which are designed to enhance anonymity.
“The average amount of reported ransomware transactions per month in 2021 was $102.3 million,” according to the report. If the current trend continues, the report said, suspicious activity reports (SARs) filed in 2021 “are projected to have a higher ransomware-related transaction value than SARs filed in the previous 10 years combined, which would represent a continuing trend of substantial increases in reported year-over-year ransomware activity.”
©2021 Bloomberg L.P.