Some $ 590 million (€ 509 million) in ransoms related to so-called ransomware attacks were reported in the first half of the year by financial institutions operating in the United States.
According to a report released by the US Treasury Department on Friday, that figure is 42% higher than the amount reported for all of 2020, illustrating the acceleration of such attacks in recent months. This alone represents almost 60% of the total reported over the previous ten years, between 2011 and 2020.
And there is strong reason to believe that the true cost could run into the billions of dollars.
These data, which relate to 635 separate reports, were compiled by the Financial Crime Network (FinCEN), which reports to the Department of the Treasury. He specifies that they do not necessarily relate to ransoms paid during the first six months of 2021, some of which may be older.
The total amounts actually paid as ransom during the first half of the year amounted to $ 398 million, divided into 458 different operations, according to FinCEN.
A ransomware attack involves hackers breaking into an entity’s computer network and then locking down the data. The authors then ask those in charge of that company, organization or administration to pay a ransom, most often in the form of cryptocurrencies, in exchange for the unlocking.
THE UNITED STATES GO ON THE OFFENSIVE
According to the Treasury Department, investigators discovered more than 150 online cryptocurrency wallets, and when analyzing them uncovered more than $ 5.2 billion (4.5 billion euros) in transactions potentially linked to payments of ransomware.
Businesses and institutions face significant pressure to pay to have their data unlocked, but also to ensure that the attack does not reach the ears of customers or authorities, with the latter regularly issuing strict warnings against giving. money to criminals.
The attacks hit businesses of all industries and sizes, from a hospital in Mobile, Alabama, to an agricultural cooperative in Mankato, Minnesota in September.
Among the countries most affected by this type of cyberattack, the United States has decided to go on the offensive.
At the end of September, the U.S. Treasury for the first time blocked the assets of a cryptocurrency platform (SUEX) suspected of having been used by hackers in ransomware attacks.
Attacks have increased in recent months
This platform is linked to Russian nationals and operates, according to several analysts, in Russia, considered, along with China, as one of the countries with the largest community of hackers using ransomware.
On Friday, the Treasury Department published a practical guide for cryptocurrency players reminding them of their obligations in the fight against financial crime, under penalty of sanctions.
Washington this week, Wednesday and Thursday, invited representatives of 31 countries to a meeting dedicated to the subject. At the end of this gathering, the delegations “recognized” the importance of international cooperation in this area, in particular through the sharing of information relating to suspicious activities or questionable financial transactions.
The Biden administration is seeking to better coordinate the response to ransomware attacks, which have multiplied in recent months.
In addition, a bill currently under discussion in Congress aims to force entities targeted by ransomware attacks to report, within 48 hours, the possible payment of a ransom. The principle of the text is supported by the American government.