The ransomware business is booming this year and could be bringing in billions for some of its top players, according to a report released by the US Treasury’s Financial Crimes Enforcement Network, or FinCEN (via The Record). The report analyzed the massive growth in ransomware payments in the first half of 2021 by looking at suspicious activity reports from financial institutions and was even able to estimate how much some hacking groups were making by analyzing blockchain transactions linked to their wallets.
The report found that reports of suspicious ransomware-related transactions totaled around $590 million from January 2021 to June 2021. One of the most shocking numbers in the report is that the top 10 hacking groups have trafficked around $5.2 billion worth of Bitcoin over the past three years.
:no_upscale()/cdn.vox-cdn.com/uploads/chorus_asset/file/22930534/Screen_Shot_2021_10_15_at_1.46.33_PM.png "US Treasury says ransomware payouts in 2021 could top entire past decade")
The oldest variant on this chart started in 2018, but the data FinCEN analyzed goes back to 2011.
Chart: US Treasury
It’s a mind-boggling figure, but it’s likely an incomplete one. FinCEN came to it by finding wallets linked to payments to the top 10 ransomware programs, then analyzing their outgoing transactions (with the money likely headed off to be laundered, though it’s worth noting that it’s almost impossible to know whether it came from ransomware activities). The hacking groups could have more crypto squirreled away in wallets they haven’t touched yet. Or they could have it in other currencies — the analysis only covered Bitcoin, and the report indicates there’s been an increase in hackers asking for alternative coins like Monero.
In June, Chainalysis’ research director told The Verge that the blockchain data company had labeled 2020 “the year of ransomware” and wondered if 2021 wouldn’t get the same title. It seems that the answer is yes, though maybe it needs an upgrade — FinCEN estimates that there was $200 million more paid out in the first half of 2021 than in the entirety of 2020. It says that if the trends keep up, hackers could make more from ransomware this year than they did in the past decade.
:no_upscale()/cdn.vox-cdn.com/uploads/chorus_asset/file/22930536/Screen_Shot_2021_10_15_at_1.47.59_PM.png "US Treasury says ransomware payouts in 2021 could top entire past decade")
Ransomware has been on the rise.
Graph: US Treasury
It’s not a surprise that the ransomware business is booming in 2021 — we’ve seen hackers hit and extort major tech companies, pipelines, hospitals, insurance companies, and more. But this report shows how paying ransoms can help fund hackers’ attempts to get at new targets, with the massive success of just a few groups. The government has been working to clamp down on this vicious cycle, though. The Department of Justice is setting up a team to go after the exchanges that facilitate crime-related transactions, like ransomware demands. But with billions on the line, it’s going to have to overcome huge incentives if it wants to stay ahead.
Related