FinCEN Issues Financial Trend Analysis on Ransomware

67% of ransomware reports that provided the communication method indicated that threat actors communicated with their intended targets via messages sent over The Onion Router protocol.

In 2024, ransomware incidents reported to FinCEN decreased to 1,476 incidents, reflecting $734 million in the aggregate value of reported payments.

Ransomware incidents reported to FinCEN reached an all-time high of 1,512 incidents in 2023, totaling $1.1 billion in payments, marking a 77% increase in total payments year-over-year from 2022 to 2023.

Between January 2022 and December 2024, FinCEN received 7,395 BSA reports related to 4,194 ransomware incidents, totaling more than $2.1 billion in ransomware payments.

The manufacturing industry accounted for 456 ransomware incidents totaling approximately $284.6 million in reported payments, while the financial services industry accounted for 432 incidents totaling approximately $365.6 million, and the healthcare industry accounted for 389 incidents totaling approximately $305.4 million.

The 10 ransomware variants with the highest cumulative payment amounts identified in BSA reports accounted for approximately $1.5 billion in payments.