The US State Department is offering a cash reward of $10 million to anyone who can provide information that can lead to the arrest of hackers working for foreign governments.
The US Department of Justice has issued a press release saying the lead must relate to attackers “against US critical infrastructure in violation of the Computer Fraud and Abuse Act.”
This also involves ransomware attacks that target US critical infrastructure. The US Department of Homeland Security has added that this applies to attacks on government computers as well as “those used in or affecting interstate or foreign commerce or communication.”
Over the last two years, ransomware groups have made millions by attacking various industries and governments in the US. The most notable victims recently were Colonial Pipeline and major meat processor JBS, and various hospitals and schools.
The reward program is managed by the Diplomatic Security Service. It is available through an anonymous “Dark Web (Tor-based) tips-reporting channel to protect the safety and security of potential sources.”
The DoJ is willing to pay its sources in cryptocurrency:
“The RFJ program also is working with interagency partners to enable the rapid processing of information as well as the possible relocation of and payment of rewards to sources. Reward payments may include payments in cryptocurrency,” the State Department said.
The full information is available on the Rewards for Justice website at www.rewardsforjustice.net.
POLITICO reported on Wednesday that the reward was part of the Biden Administration that has announced a set of actions to help thwart future ransomware attacks.
Adam Flatley, the director of threat intelligence at a cybersecurity company and had worked on the ransomware task force, praised DoJ for its move and noted to ZDNet that a centralized location with resources for organizations to get help dealing with ransomware would be helpful for minimizing the threats:
“This is especially true for those organizations who have budget constraints that force them to go it alone, which is the case for so many good, hard working folks,” he added.
Meanwhile, some experts doubt the reward would be an effective incentive for providing tips about cyber attackers.
