Ransomware remains ‘significant threat,’ FinCEN reports; large portion of variants connected to Russia cyber actors

November 1, 2022 Other 0

Ransomware trends in Bank Secrecy Act (BSA) filings from July to December 2021 showed growth in the number and severity of ransomware attacks against U.S. critical infrastructure since late 2020, Treasury’s Financial Crimes Enforcement Network (FinCEN) said Tuesday.

FinCEN said its analysis addresses the extent to which a substantial number of ransomware attacks likely emanate from, or at a minimum are connected to, actors in Russia.

Analysis of ransomware-related BSA filings for 2021 indicates that ransomware continues to pose a significant threat to U.S. critical infrastructure sectors, businesses, and the public, FinCEN said. For the second half of 2021, FinCEN found that:

Russia-related ransomware variants accounted for 69% of ransomware incident value, 75% of ransomware-related incidents, and 58% of unique ransomware variants reported for incidents in the review period. All of the top five highest grossing ransomware variants in this period are connected to Russian cyber actors.
The mean average total monthly amount of ransomware-related incidents in the review period was $81.4 million, and the median was $80 million.
Ransomware actors develop their own versions of ransomware, known as “variants,” and these versions are given new names based on a change to software or to denote a particular threat actor behind the malware. FinCEN identified 84 ransomware variants reported in BSA data for incidents during the review period.

Comparing data more broadly, FinCEN said:

BSA data for 2020 suggests that at least 602 ransomware-related incidents occurred throughout the year. The total value of these incidents was roughly $527 million. BSA data for 2021 suggests that at least 1,251 ransomware-related incidents occurred throughout 2021, with a total value of roughly $886 million.
BSA data for 2021 suggests at least 458 ransomware-related incidents occurred between Jan. 1 and June 30. The total value of these incidents was roughly $398 million. At least 793 ransomware-related incidents occurred between July 1 and Dec. 31, with a total value of roughly $488 million.
Of the 793 ransomware-related incidents reported to FinCEN in BSA data that occurred between July 1 and Dec. 31, 2021, 75% (or 594) had a nexus to Russia, its proxies, or persons acting on its behalf.

FinCEN Analysis Reveals Ransomware Reporting in BSA Filings Increased Significantly During the Second Half of 2021

Report finds sexual harassment at FDIC went on ‘far too long’; board chairman’s role highlighted

May 7, 2024 0

A failure to provide a workplace safe from sexual harassment, discrimination, and other interpersonal misconduct went on “for far too many employees and for far too long,” according to a report issued Tuesday by a special committee of the board [...]
Bureau dings Chime, orders it to pay $4.55 million over untimely account-closure refunds

May 7, 2024 0

The financial-technology (fintech) firm Chime Financial must pay a $3.25 million civil money penalty (CMP) and provide at least $1.3 million in consumer redress for its failure to timely provide consumers their account balance refunds after they closed their accounts, [...]
BSA/AML deficiencies noted in Fed order with MT bank

May 7, 2024 0

First Citizens Bank of Butte, Butte, Mont., is required to bring its operations into compliance with Bank Secrecy Act (BSA) anti-money laundering (AML) rules and regulations under an agreement announced Tuesday by the Federal Reserve Board. In the May 2 [...]
Agencies nudged to act on coordinating identification, tackling of blockchain risks

May 7, 2024 0

Identifying and addressing blockchain risks needs to be addressed by two federal banking regulators, as recommended last year, according to a report issued Tuesday by the congressional watchdog. In separate reports on “open priority recommendations,” the congressional Government Accountability Office [...]
Agencies re-issue proposal on incentive-based compensation; seek more risk-sensitive approach

May 6, 2024 0

Incentive-based compensation arrangements are addressed in a proposal to make those more sensitive to risk was issued – or scheduled to be adopted — Monday by federal banking and credit union regulators, among others. The proposal was first advanced nearly [...]
Banks’ senior loan officers cite tightened standards, weaker demand for C&I, CRE loans in first quarter

May 6, 2024 0

Tightening loan standards and weaker demand were reported for many commercial and consumer loan categories by senior loan officers at large banks participating in the Federal Reserve’s April Senior Loan Office Opinion Survey (SLOOP), according to the report released Monday. [...]
Student loan firms charged with servicing failures, face north of $5 million in fines, redress

May 6, 2024 0

“Multi-year servicing failures” are claimed against two organizations engaged in student lending under action taken Monday by the federal consumer financial protection agency seeking more than $5 million in penalties and redress, the agency said. The National Collegiate Student Loan [...]
Credit union regulator delays board meeting for May by about one week

May 6, 2024 0

A rescheduled meeting – to May 22 – was announced Monday by the federal credit union regulator’s board, changing the date from May 16. The National Credit Union Administration (NCUA) Board gave no reason for the rescheduling. The May 22 [...]

Related