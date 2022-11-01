







CNN

—

U.S. financial institutions reported more than $1 billion in potential ransomware-related payouts in 2021, more than double the amount from the previous year and the most ever reported, according to Treasury Department data shared exclusively with CNN. . The five hacking tools that accounted for the most payments in the last half of 2021 are all connected to Russian hackers, according to the Treasurys Financial Crimes Enforcement Network (FinCEN) report. The report highlights a pressing national security challenge that the Biden administration has been trying to address for a May 2021 ransomware attack forced a major US pipeline operator to shut down for days. It comes as the Biden administration convenes three dozen allied governments in Washington this week to discuss ways to combat illicit flows of ransom payments and make organizations more resilient to hacks. Russia is notably absent from the talks this week. The sharp increase in reported ransomware payments could be due to improved tracking and reporting of payments by banks, according to the Treasury, but also a broader trend of a high rate of ransomware attacks across the board. sectors. The Treasury Department’s analysis is based on reports that US banks are required to file with regulators to prevent money laundering. It includes data from US banks and international banks with US customers. It covers things like extortion amounts and attempted ransom payments made by banks or their customers. The data shows that ransomware, including attacks by Russian-linked actors, remains a serious threat to our national and economic security, FinCEN Acting Director Himamauli Das said in a statement. US officials have long complained that a lack of requirements for companies to report ransomware attacks to the government has left officials in the dark about the extent and cost of the problem. That’s starting to change thanks to a March law that requires certain companies to report ransomware attacks and payments to the Department of Homeland Security. The FBI discourages companies from paying ransom because it can encourage further hacks and enrich cybercriminals. But some companies choose to pay their abusers to stay in business. Colonial Pipeline, the fuel pipeline operator that was hacked in May 2021, chose to pay a $4.4 million ransom out of desperation to get fuel shipments to the East Coast. The Department of Justice then recovered about half of that money from the hackers.

