FinCEN Says Ransomware Attacks Reported by FIs Leapt 108% in 2021


The number of ransomware attacks reported by financial institutions (FIs) and occurring in 2021 was double the number that occurred during the previous year.

The number leapt 108% from 602 in 2020 to 1,251 in 2021, the Financial Crimes Enforcement Network (FinCEN) reported Tuesday (Nov. 1) in its latest Financial Trend Analysis report.

The dollar amounts involved in those ransomware-related incidents rose 68% from $527 million in 2020 to $886 million in 2021, according to the report.

What’s more, the frequency and value of the attacks increased during the second half of the year. While 458 incidents with a value of $398 million occurred between Jan. 1 and June 30, 2021, 793 attacks with a value of $488 million happened between July 1 and December 31, 2021, per the report.

“Today’s report reminds us that ransomware — including attacks perpetrated by Russian-linked actors — remain a serious threat to our national and economic security,” FinCEN Acting Director Himamauli Das said in a Tuesday press release.

About 75% of the incidents reported in the second half of 2021 involved Russia-related ransomware, FinCEN said in the release.

These figures are based on ransomware-related Bank Secrecy Act (BSA) filings and are based on incident date data.

“[The report] underscores the importance of BSA filings, which allow us to uncover trends and patterns in support of whole-of-government efforts to prevent and combat ransomware attacks,” Das said in the release. “Financial institutions play a critical role in helping to protect the United States from ransomware-related threats simply by fulfilling their BSA compliance obligations.”

Ransomware attacks soared last year in the United Kingdom, too. As PYMNTS reported in March, the number of incidents reported to the Information Commissioner’s Office (ICO) in the U.K. doubled from 326 in 2020 to 654 in 2021, according to a March 28 report from the international law firm RPC based on data from the ICO.