FBI: Ransomware Hit US Critical Infrastructure at Least 649 Times in 2021

pcmag.com:

US critical infrastructure has been bombarded with hundreds of ransomware attacks in the last year, according to the FBI. The agency today published its annual internet crime report, which revealed that it received 649 such complaints in 2021.

The report also supplied a breakdown of the attacks. The leading critical infrastructure providers targeted were organizations in the healthcare sector, followed by companies operating in the financial services, and then those in information technology.

A ransomware attack can be extremely disruptive because it can encrypt entire fleets of computers and servers, forcing a company's network to shut down. To free the computers, the victim has to pay up, usually in thousands or even in millions of dollars.

The FBI also received dozens of ransomware victim complaints targeting critical infrastructure providers in the energy sector, food and agriculture, and transportation. Meanwhile, several reported incidents involved water management systems and chemical suppliers. 

“Of the 16 critical infrastructure sectors, IC3 reporting indicated 14 sectors had at least 1 member that fell victim to a ransomware attack in 2021,” the FBI said. 

The agency noted that the FBI’s Internet Crime Complaint Center began tracking reports about ransomware attacks hitting critical infrastructure starting last June. So the numbers reflect only the second half of 2021. 

There’s also a high likelihood the FBI’s numbers don’t capture the full scale of the ransomware scourge. In total, the agency received 3,729 complaints from ransomware victims last year with the estimated losses at over $49.2 million, an increase from $29.1 million in 2020. However, experts at private cybersecurity firms say the financial loss