top of page
  • Deborah

The Financial Crimes Enforcement Network (FinCEN) published its report on threat patterns and ransomware trends for the first half of 2021. Derived from the Suspicious Activity Reports (SARs) provided by financial institutions, the report shows the increasing threat of ransomware in the U.S. financial sector, business and the public.

Ransomware is explained in the report as “malicious software that encrypts a victim’s files and holds the data hostage until a ransom is paid”. Cyber criminals have adopted different approaches to targeting their ransomware victims, new methods to maximize ransomware payouts and novel ways to obfuscate their identities in the payment transactions.

The report provides insights into the changing preferred payment options. Bitcoin was the most common ransomware-related payment method however threat actors are increasingly requesting payments in Anonymity-enhanced Cryptocurrencies (AECs). Threat actors are also :

  • Avoiding reuse of wallets

  • Cashing out deposits at foreign centralized convertible virtual currency (CVC) exchanges with inadequate AML/CFT standards

  • Converting CVC in different CVC at least once before transferring funds to another platform or service, a practice referred to as “chain hopping”

  • Using mixing services to conceal the source of CVC

  • Converting ransomware-related payments to other types of CVCs through decentralized exchanges lacking account or custodial relationships

Overall, in the first half of 2021, the number of SARs reported exceeded those reported for the full year 2020 by 30% reaching 635 in total. In terms of total U.S. dollar value, ransomware-related SARs represented $590 million, a 42% increase compared to all of 2020.

These reports are related to sixty-eight ransomware variants, of which REvil/Sodinokobi, Conti, Darkside, Avaddon and Phobos were the most common.

FinCEN’s guidance for financial institutions on reporting ransomware-related incidents is available at

Cybercrime, including cybersecurity and virtual currency considerations, is one of the U.S. national priorities for anti-money laundering and countering the financing of terrorism (see Ameis’ RegFacts news here).

Recent Posts

See All

Information, Communication Technology (ICT) systems, generally includes all hardware, software, applications and systems that combined enable people and organizations to communicate digitally. ICT enc

25 January 2023 - Comments requested on Financial Conduct Authority (FCA) proposed Sustainability Disclosure Requirements (SDR) and investment labels. 6 February 2023 - Comment period closes for the u

Last November, 2022 the Bank for International Settlements (BIS) and the International Organization of Securities Commissions (IOSCO) published their Level 3 assessment of cyber resilience on 37 Finan

bottom of page