Ransomware payouts hit record high as ID marketplace closed
Ransomware victims paid $1.4bn in the past two years, US Senate committee told
More than $712m was handed over in ransomware payouts last year with the average payment size exceeding $121,000, a congressional hearing into ransomware attacks has been told.
Jackie Burns Koven, head of cyber threat intelligence at blockchain data platform Chainalysis, revealed the figures to the US Homeland and Security Affairs Committee’s hearing on Tuesday 7 June. She also told the committee, which is exploring ransomware attacks and ransom payments enabled by cryptocurrency, “the true total for 2021 is likely to be much higher”.
As of May 2022, Chainaylsis identified that ransomware payments for 2020 had totalled more than $694m, said Koven in her evidence to the committee, making the $712m total for 2021 a record-breaking year.
“Ransomware payment sizes have grown significantly for the past few years. The average ransomware payment size was over $121,000 in 2021, up from $88,000 in 2020 and $25,000 in 2019,” said Koven. “Large payments such as the record $40m received by Phoenix Cryptolocker spurred this all-time high in average payment size.”
Marketplace for personal information is shutdown
The hearing came on the same day as the US Department of Justice (DOJ) announced the seizure of the SSNDOB marketplace – a series of websites selling the personal information of 24 million US citizens, including names, dates of birth, and social security numbers. Over the years, the marketplace is estimated to have generated $19m in sales revenue.
The international operation to dismantle and seize the SSNDOB infrastructure was the result of co-operation with law enforcement authorities in Cyprus and Latvia.
“Taking down the SSNDOB website disrupted ID theft criminals and helped millions of Americans whose personal information was compromised,” said special agent Darrell Waldon for the Internal Revenue Service.
