Ransomware attacks have become increasingly common over the last decade, with many of these attacks, such as the Colonial Pipeline attack and the Kaseya attack in the first half of 2021, making mainstream news as ransoms of $5 million or more were demanded.
According to the Financial Crimes Enforcement Network's report Ransomware Trends in Bank Secrecy Act Data, $590 million was paid in ransomware demands in the first 6 months of 2021, between January 2021 and June 2021. That's a 42% increase compared to the total ransomware demands for the whole of 2020, which overall was $416 million. The report goes on to project that 2021, at this rate, will end up having more ransomware payments than all of the last 10 years combined.
Ransomware, in general, is a lucrative business for those who can extract millions of dollars in this way. The stakes are high, as we saw from the arrests that brought to justice key persons involved in the REvil group who were behind the 2021 Kaseya and Colonial Pipeline attacks.
Unfortunately, the fact that $590 million has been paid in ransomware demands through 2021 (so far) entices hackers to keep trying their luck at making fast money, since they can see that there are literally millions to be made. Each million-dollar transaction highlights that money can be made by attacking prominent businesses, emboldening others to try the same.
The good news for 2021 is that the US Government has put a lot of emphasis on cybersecurity, coming out with executive orders and guidelines that should bring a lot more focus to both protecting businesses of all kinds and bringing to justice those who launch the attacks.
Recent Government Executive Orders and Statements:
- Executive Order on Improving the Nation's Cybersecurity
- Statement by President Joe Biden on Cybersecurity Awareness Month