Cryptocurrency, ransomware make for dangerous combination

It’s hardly shocking increased use and recognition of cryptocurrency creates new opportunities and challenges for banks. What might surprise you, though, is exactly how the emergence of virtual currency is leaving financial institutions more vulnerable to an all-too-common problem: ransomware.

According to the Financial Crimes Enforcement Network, the total U.S.-dollar value of ransomware-related transactions reported during the first half of 2021 exceeded that from all last year, and any year since 2011. FinCEN recently announced the agency received $590 million in ransomware-related suspicious activity reports during that six-month period, a 42% increase from 2020. And in an overwhelming number of the cases, the cyber criminals demanded their ransoms in Bitcoin to provide an added layer of anonymity.

The reason for this online crime wave is three-fold: First, ransomware is becoming easier to deploy, with ready-made ransomware kits available of the dark web, eliminating the need for technical expertise. Second, ransomware gangs have adopted new extortion tactics to increase incentive to pay, including encrypting the victim’s data and threatening to publish it if the ransom is not met. Third, and most relevant to this discussion, attacks on small municipalities and organizations have spiked because of the perception of weaker security controls making them easy prey.

This is where banks come in. Financial institutions are constantly trying to stay ahead of cyber criminals and keep pace with government regulations to protect their information systems and their customers’ vital personal data.

A recent release from the Office of Foreign Assets Control is a reminder the government intends to hold liable any party subject to U.S. jurisdiction, even if they didn’t know or have reason to know they were engaging in a prohibited transaction. It means if one of your customers is a victim of ransomware, and they fund a crypto wallet through an account at your bank to meet the ransom payment, your institution becomes part of the payment chain and might face civil or even criminal penalties.

Credit quality risk
Has your bank considered the credit quality risk that would result from a ransomware attack against one of your largest commercial borrowers?

Your IT staff should be thinking about cyber-attacks and the security of your bank. At the same time, your lenders work to manage traditional credit risk of the borrowers. But who is thinking about these risks from a whole-bank perspective? It’s evolving risks such as these that require new ways of thinking about risk.

To access the full article online, including some financial red flags to watch for, click here. Have questions about this issue: drop an email to

For more information, contact Elaine Dodd, OBA VP/Fraud Division, 405-424-5252 or BankOnIT Advanced Cyber Intelligence Division at 405-605-3900.