The Federal Bureau of Investigation (FBI) Internet Crime Complaint Center (IC3) has published its 2021 Internet Crime Report, which shows that critical infrastructure organizations had about 649 ransomware attacks between June 2021 and December 2021.
14 of the 16 critical infrastructure industries revealed a minimum of one ransomware attack. The healthcare and public health industries were the hardest hit with 148 attacks. Next is the financial services with 89 attacks, then the IT sector with 74 attacks.
The Conti ransomware gang had the most activities in 2021 having 87 reported attacks on critical infrastructure companies, next is the LockBit ransomware gang with 58 attacks, and the already-disbanded REvil/Sodinokibi ransomware operation with 51 attacks. The Conti gang preferred targets in the critical manufacturing, business establishments, and the food and agriculture industries, LockBit most often targeted healthcare and public health, government agencies, and financial companies, and REvil attacked healthcare and public health, financial service providers, and the IT industries.
Ransomware groups employ various strategies to acquire access to victim systems; nonetheless, the most frequent attack vectors in 2021 were phishing emails, exploitation of software vulnerabilities, and Remote Desktop Protocol (RDP). Although 2021 had a number of major ransomware operations closed down, there were others that took their place. IC3 expects that 2022 will have more ransomware attacks on critical infrastructure.
IC3 stated that 2021 had an unparalleled growth in cyberattacks and malicious cyber activity aimed towards different business industries and individuals. The American public submitted 847,376 complaints to IC3 in 2021, growing by 7% from 2020. In all those complaints, the reported losses were over $6.9 billion, increasing by 64.29% from 2020’s $4.2 billion.
In 2021, phishing, including vishing, harming, and smishing, was the most widespread type of cybercrime. There were 323,972 complaints related to phishing events submitted to IC3, increasing by 34% from 2020. The second most reported cases were nonpayment/non-delivery crimes, with 82,478 affected individuals.
In 2021, there were 19,954 complaints related to business email compromise (BEC)/email account compromise (EAC) frauds. This had the most victim losses of more or less $2.4 billion, increasing by 28% from 2020. IC3 stated BEC attacks have turn out to be a lot more advanced. Although they used to entail compromised email accounts that were employed to get W2 forms or bogus wire transfers, fraudsters have taken advantage of the higher dependence on telework and online communications tools.
A compromised email account of a company or financial manager is usually made use of to request staff members to join in virtual conference platforms. In such meetings, the fraudster would add a still photo of the CEO without audio, or a “deep fake” audio. Then the fraudsters, posing as business executives, would say they have malfunctioning audio/video.
In 2021, there were over $44 million in losses due to phishing scams. The 3,729 reported ransomware attacks had at least $49 million losses. Losses to ransomware are hard to figure out. The $49 million only refer to ransom payments reported to IC3. It does not include associated expenses like remediation.
IC3 reported the Recovery Asset Team’s (RAT) success in holding funds for cybercrime victims. In 2021, the IC3’s RAT started the Financial Fraud Kill Chain regarding 1,726 BEC complaints that involve local to local transactions with potential $443,448,237 losses. A monetary freeze was put on roughly $329 million, representing a 74% success rate.