WASHINGTON — Reported ransomware attacks and related payments fell in 2024 after federal authorities dismantled two major ransomware groups, the Department of the Treasury’s Financial Crimes Enforcement Network said in a release.
The decline marks a shift from 2023, when ransomware activity reached record levels with 1,512 reported incidents and $1.1 billion in associated payments, according to FinCEN’s new Financial Trend Analysis: Ransomware Trends in Bank Secrecy Act Data Between 2022 and 2024.”
In 2024, reported activity dipped to 1,476 incidents, while total payments fell sharply to $734 million. FinCEN attributed the drop to major disruptions of the ALPHV/Blackcat ransomware group by U.S. law enforcement in December 2023 and of the LockBit group by U.S. and U.K. authorities in February 2024.
Value of ‘Quick Reporting’
“Banks and other financial institutions play a key role in protecting our economy from ransomware and other cyber threats,” FinCEN Director Andrea Gacki said in a statement. “By quickly reporting suspicious activity under the Bank Secrecy Act, they provide law enforcement with critical information to help detect cybersecurity trends that can damage our economy.”
Despite the year-over-year decline, FinCEN said ransomware remains a significant national security and economic threat, with financial institutions continuing to serve as a crucial early-warning system for emerging cybercrime patterns.
