Take On Payments, a blog sponsored by the Retail Payments Risk Forum of the Federal Reserve Bank of Atlanta, is intended to foster dialogue on emerging risks in retail payment systems and enhance collaborative efforts to improve risk detection and mitigation. We encourage your active participation in Take on Payments and look forward to collaborating with you.
Comments are moderated and will not appear until the moderator has approved them.
Please submit appropriate comments. Inappropriate comments include content that is abusive, harassing, or threatening; obscene, vulgar, or profane; an attack of a personal nature; or overtly political.
In addition, no off-topic remarks or spam is permitted.
Ransomware: You Are the First Line of Defense
Anecdotally, many of us have felt the profound impact of ransomware. My Atlanta Fed colleagues queued for gasoline in the aftermath of the Colonial pipeline breach in May. My friend's local government was unable to issue building permits or accept payments. Maybe your child's school canceled remote learning for a few days. Perhaps you lost treasured family photos and important financial records. For my part, I worried that a ransomware attack on the Martha's Vineyard Ferry would derail a planned visit to the island.
Now, from the Financial Crimes Enforcement Network (FinCEN) come the numbers to drive home the point. The growth in reported ransomware payments in the first half of this year is staggering:
- The number of ransomware-related Suspicious Activity Reports (SARs) for the first six months of 2021 (635) exceeds the total number of such reports for all 12 months of 2020 by 30 percent.
- The total value of suspected ransomware-related payments reported for the first six months of 2021 was $590 million, topping the total value for 2020 by 40 percent.
Back-of the-envelope extrapolation: the number of ransomware incidents reported on SARs for 2021 are on track to be something like two-and-a-half times the number of incidents reported in 2020. By value, FinCen concluded that "If current trends continue, SARs filed in 2021 are projected to have a higher ransomware-related transaction value than SARs filed in the previous 10 years combined."
Preventing attacks of this magnitude and sophistication clearly requires coordinated action by governments across the globe.
But how about you?
The number one entry vector for these highly organized, technology-enabled, and wellfunded crimes is phishing. It's simple. It's not highly technical. It works. And it starts with you.
Each one of us represents the first line of defense. Remember: not every email is something you need to take action on. When you pay attention to an email sender's address and think twice before clicking on attached files, you are defending against ransomware. Don't underestimate your adversary: to make use of all the weapons at your disposal, read this tip sheet from the Cybersecurity and Infrastructure Security Agency (CISA).