Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label FinCEN. Show all posts

Ransomware Crimes: More Than $1 Billion Netted in 2021


Cybercrime victims shelled out a record $1.2 billion, in order to have their data returned last year for ransomware attacks have significantly increased in size and intensity, as per the latest released federal data. 

According to a report by Financial Crimes Enforcement Network (FinCEN), banks processed over a billion dollars in transactions last year that were assumingly ransomware payments. The report concluded that this amount is more than double the amount of money from 2020. The top five highest-paid ransomware incidents all involved attackers with connections to Russia, FinCEN added.
 
The report “reminds us that ransomware- including attacks perpetrated by Russia-linked actors – remains a serious threat to our nation and economic security,” says Himamauli Das, FinCEN’s acting director, in a statement given this week. 

Ransomware is a kind of malware that allows hackers access to its victims’ digital devices, restricting the owner of their own files and data. Consequently, the hacker threatens victims, demanding a ransom payment from them, in order for them to restore access to the files. 

FinCEN, established in the year 1990, is an arm of the U.S. Department of Treasury. It is in charge of tracking international money laundering, terrorist financing, and other financial crimes. 

According to a report by FinCEN, hackers initially targeted people with ransomware attacks, but later advanced to targeting company giants and demanding bigger ransom payouts. In the year 2019, hackers created variations of ransomware attackers, namely ‘double extortion’, where they restrict owners to access their files and threaten to leak personal/ humiliating data to the public – if the demands are not met. 

The year 2021 witnessed some of the biggest ransomware attacks on record, aimed at large companies and nonprofits. A Russian hacking group, for example, attacked the Colonial Pipelines, one of the largest pipelines in the U.S. in May 2021. The company later paid the ransom amount of $4.3 million in order to retrieve its stolen data. However, the federal authorities eventually recovered at least $2.3 million of the paid ransom. Additionally, hackers also attacked organizations like Planned Parenthood, Sinclair Broadcasting, Shutterfly, and payroll processing company Kronos last year. 

According to FinCEN, organizations reported 1,489 ransomware assaults in total in 2021, up 188% from the year 2020. 

More recently, a ransomware attack last May marked the last straw for Lincoln College, a historically Black College in rural central Illinois that opened in 1865. The school gave hackers a $100,000 ransom, a payout that compounded financial troubles caused by plummeting enrollment in recent years. The 157-year-old institution shuttered in May. 

Ransomware attacks have recently increased in frequency, with the growing remote work and e-learning, and with educational institutions becoming more prone to the attacks. 

In regards to the ongoing ransomware attacks, the Biden administration this week conducted a two-day summit, attended by around three dozen nations, the European Union, and a number of private-sector organizations, in order to find the best ways to combat the attacks. 

U.S. President Biden as well signed a new law, earlier this year, that requires owners of factories, banks, nuclear reactors, and other critical infrastructure operations to report when (or if) their computer systems or servers are attacked by ransomware. However, reporting is currently optional for the ransom victims, making it difficult to calculate full impact of the crime.  

FinCEN Chief Blanco warns of Wide Scale Virtual Currency Scams


Financial Crimes Enforcement Network (FinCEN) is keeping a close watch on financial scams involving virtual currency payments as the COVID-19 pandemic opens new areas of exploitation said, Director Ken Blanco.



As we are stuck in an unfortunate period of emergency, these scammers are exploiting this vulnerability from extortion, ransomware, and the sale of fraudulent medical products, to initial coin offering investment scams.

“This type of cybercrime in the COVID-19 environment is especially despicable, because these criminals leverage altered business operations, decreased mobility, and increased anxiety to prey on those seeking critical healthcare information and supplies, including the elderly and infirm,” the Financial Crimes Enforcement Network chief told the virtual Consensus Blockchain Conference in a video conference.

Blanco stressed on the need for collaborating with other law enforcement agencies and working together to beat this issue by generating much-needed funds to help the recipients and for financial survival.
 “The need for our collaboration is clear and undeniable,” he stated.
He further delved into the cyber crimes occurring because of COVID-19 as much of the population and government employees are working from home these cybercriminals are attacking vulnerabilities in remote applications like VPN (virtual private networks) and remote desktop protocol in order to steal information. Blanco advised companies to pay due diligence and advise the same to the customers.

"Financial institutions should consider the risks of the current environment in their business processes, and the appropriate level of assurance needed for digital identity solutions to mitigate criminal exploitation of your products and platforms.”

FinCEN has also worked with other law enforcement initiatives like the Joint Criminal Opioid Darknet Enforcement (J-CODE) and National Cyber Investigative Joint Task Force (NCIJTF) in cases like criminals exploiting crypto for the purchase of fentanyl.

The virtual currency business has to be very vigilant and properly scrutinized as there are a number of miscreants persistently attacking their onboarding and authentication processes. FinCEN, since 2013 has received nearly 70,000 Suspicious Activity Reports (SARs) of cryptocurrency fraud alone. During COVID-19, this threat becomes ten fold.