Connect with us

Hi, what are you looking for?



FBI: 649 Ransomware Attacks Reported on Critical Infrastructure Organizations in 2021

The Federal Bureau of Investigation’s (FBI) Internet Crime Complaint Center (IC3) says it received 649 complaints of ransomware attacks targeting critical infrastructure organizations in 2021.

The Federal Bureau of Investigation’s (FBI) Internet Crime Complaint Center (IC3) says it received 649 complaints of ransomware attacks targeting critical infrastructure organizations in 2021.

Ransomware attacks hit 14 out of 16 critical infrastructure sectors last year, with healthcare and public health impacted the most, the IC3 notes in its 2021 Internet Crime Report (PDF).

The IC3 received a total of 148 complaints of ransomware attacks on the healthcare sector, far more than the number of reported hits on the next most targeted sectors, namely financial services (89) and information technology (74).

[ Read: US Charges Russian Hackers Over Triton, Havex Cyberattacks on Energy Sector ]

At 65 complaints, critical manufacturing was also a popular target for ransomware operators, with government facilities rounding up top five with 60 reported attacks.

Of the top three ransomware families targeting critical infrastructure, Conti mostly focused on critical manufacturing, commercial facilities, and food and agriculture; LockBit frequently hit government, healthcare, and financial organizations; while REvil/Sodinokibi targeted financial services, IT, and healthcare and public health sectors.

In a joint advisory in February, the US, UK, and Australia warned of an increase in the sophistication of ransomware attacks, and also pointed out that ransomware operators increasingly rely on cybercriminal ‘services-for-hire’ in operations.

Advertisement. Scroll to continue reading.

[ READ: Ransomware, Malware-as-a-Service Dominate Threat Landscape ]

Overall in 2021, the IC3 received 3,729 complaints of ransomware attacks, with adjusted losses in excess of $49.2 million. However, these represent only a fraction of the estimated losses of more than $6.9 billion caused by the reported cybercrime last year.

The IC3 received close to 850,000 complaints related to internet cybercrime in 2021, up roughly 50,000 from 2020 (when estimated losses topped $4.2 billion) and nearly double compared to 2019 (when estimated losses reached $3.5 billion).

Phishing remained the top cybercrime type reported last year, accounting for roughly 324,000 of the received complaints, followed by non-payment/non-delivery, personal data breach, and identity theft. Extortion was the fifth most common crime type, at roughly 39,000 complaints.

A total of 19,954 Business Email Compromise (BEC)/ Email Account Compromise (EAC) complaints were received in 2021, with adjusted losses close to $2.4 billion, roughly on par with 2020 (19,369 complaints and adjusted losses of $1.8 billion).

In 2021, the IC3 received the majority of internet crime complaints from victims in the US (more than 466,000 reports) and in the UK (more than 300,000 complaints).

Related: U.S. Security Vendors Launch Critical Infrastructure Defense Project

Related: The Psychology of Ransomware Response

Related: FBI Received 1,600 SIM Swapping Complaints in 2021

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...


The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...


Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra's GoAnywhere software.