Ransomware – $ 590 million recovered in the first half of the year

The U.S. Treasury Department said Friday that $ 590 million (545 million francs) worth of ransomware attacks were reported by financial institutions operating in the United States in the first half of the year.

According to the US government, this number is 42% higher than the amount reported for the whole of 2020, which explains the acceleration of this type of attack in recent months. This represents almost 60% of the total reported in the previous ten years between 2011 and 2020. And there is strong reason to believe that the real cost could be in the billions of dollars.

These data, related to 635 separate reports, were compiled by the Financial Network Network (FinCEN), which reports to the Treasury Department. He notes that they are not necessary with the redemption amount paid in the first six months of 2021, some of which may be outdated. The total amount actually repaid in the first half of this year was $ 398 million (366 million francs), which was divided into 458 different activities, again according to Finsen.

A ransomware attack involves hackers entering a company’s computer network and then locking up data. The authors then ask those in charge of that company, organization or management to pay a ransom, often in the form of cryptocurrencies, in lieu of opening.

According to the Treasury Department, investigators found more than 150 online cryptocurrency wallets, and during the analysis found transactions related to more than $ 5.2 billion (4.8 billion francs) ransomware payments.

Businesses and companies face considerable pressure not only to open their data but also to ensure that it does not hit the ears of customers or executives.

Several ransomware attacks have made headlines in recent months, targeting the American computer company Casey in July. By attacking this company, hackers gained access to more than a thousand companies providing services around the world.

In early May, the U.S. company targeted the Colonial Pipeline and disrupted fuel supplies in the United States. This provoked a strong reaction from the authorities and a portion of the ransom, $ 4.4 million (4 million francs) was recovered. In September, Mobile in Mangado, Minnesota attacked businesses of all industries and sizes from a hospital in Alabama.

In countries most affected by this type of cyber attack, the United States has decided to launch an attack. In late September, the U.S. Treasury for the first time seized the assets of a cryptocurrency platform (SUEX) suspected of being used by hackers in ransomware attacks. The site is affiliated with Russians and, according to many analysts, is considered one of the largest hacker communities in Russia, along with China, using ransomware.

On Friday, the Treasury Department released a practical guide for cryptocurrency players. “The Treasury is helping to prevent ransomware attacks by making it harder for criminals to profit from these actions, but we need partners in the private sector to prevent these illegal activities,” the deputy secretary general of government said. Wally Ademio was quoted in a statement released Friday.

Washington this week, Wednesday and Thursday, invited delegates from 31 countries to a meeting dedicated to the cause. At the end of the meeting, the delegates “recognized” the importance of international cooperation in this area, particularly by sharing information on suspicious activities or questionable financial transactions.

Biden management is trying to better integrate the response to the growing number of ransomware attacks in recent months. In addition, a bill currently being discussed in Congress aims to force companies targeted by ransomware attacks to pay the ransom within 48 hours. The policy of the text is supported by the US government.