The U.S. Department of State’s Rewards for Justice (RFJ) Program, which is administered by the Diplomatic Security Service has announced its intention to offer rewards of up to $10 million for any information that helps US authorities identify and locate threat actors “acting at the direction or under the control of a foreign government” that carry out malicious cyber activities against US critical infrastructure.
The announcement comes after ransomware groups have made millions over the last two years attacking pipelines, manufacturers, hospitals, schools, and local governments. While attacks on Colonial Pipeline and major meat processor JBS drew the biggest headlines, hundreds of healthcare institutions, universities, and schools have suffered from damaging attacks too. The DHS estimated that about $350 million in ransom was paid to cybercriminals in 2020.
The State is also making the rewards programme amenable to payments in cryptocurrency, in the interest of protecting sources who report on state-sponsored cybercrime.
“Commensurate with the seriousness with which we view these cyber threats, the Rewards for Justice Program has set up a Dark Web (Tor-based) tips-reporting channel to protect the safety and security of potential sources,” State’s release reads. “The RFJ Program also is working with interagency partners to enable the rapid processing of information as well as the possible relocation of and payment of rewards to sources. Reward payments may include payments in cryptocurrency.”
Since its inception in 1984, the programme has paid in excess of $200 million to more than 100 people across the globe who provided actionable information that helped prevent terrorism, bring terrorist leaders to justice, and resolve threats to U.S. national security.
Resources for ransomware attacks
On Thursday federal agencies also launched a website in an attempt to streamline access to resources and reports of ransomware to those agencies.
“StopRansomware.gov reduces the fragmentation of resources, which is especially detrimental for those who have become victims of an attack, by integrating federal ransomware resources into a single platform that includes clear guidance on how to report attacks, and the latest ransomware-related alerts and threats from all participating agencies,” according to press releases from the departments of Homeland Security and Justice. “StopRansomware.gov includes resources and content from DHS’s Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Secret Service, the Department of Justice’s Federal Bureau of Investigation (FBI), the Department of Commerce’s National Institute of Standards and Technology (NIST), and the Departments of the Treasury and Health and Human Services.”