The US Treasury Department has reported more than half a billion dollars was paid by victims of ransomware cyber-attacks in the first six months of 2021.
The ransomware attackers use malicious software that encrypts a victim’s files and holds the data hostage until a ransom is paid.
The Treasury's Financial Crimes Enforcement Network (FinCEN) report published on Friday showed a fifty percent rise in ransomware attacks in half of 2021 compared to the total number of attacks in 2020.
The report, which is issued pursuant to Section 6206 of the Anti-Money Laundering Act of 2020 (AMLA), requires FinCEN to periodically publish threat patterns and trend information derived from financial institutions' Suspicious Activity Reports (SARs).
The total value of suspicious activity reported in the first six months was $590 million, which exceeds the value reported for the total of 2020 which was $416 million.
The Treasury report said to evade the authorities, the criminal actors were "increasingly requesting payments in Anonymity-enhanced Cryptocurrencies (AECs) and avoiding reusing wallet addresses, “chain hopping” and cashing out at centralized exchanges, and using mixing services and decentralized exchanges to convert proceeds."
“Ransomware actors are criminals who are enabled by gaps in compliance regimes across the global virtual currency ecosystem,” Deputy Treasury Secretary Wally Adeyemo said in a statement Friday. “Treasury is helping to stop ransomware attacks by making it difficult for criminals to profit from their crimes, but we need partners in the private sector to help prevent this illicit activity.”
The report found that bitcoin was the most common payment method for victims to pay ransomware demands.
Earlier this year, Colonial Pipeline, which supplies around 45 percent of the East Coast's fuel supply, shut down its operations after a ransomware attack that Washington claimed was carried out by a Russian-based group. The company chose to pay the hackers the equivalent of $4.4 million in Bitcoin to receive keys to decrypt their systems.
US officials quickly launched an investigation to see whether the Russians were behind the cyber attack.