US offers US$10mn reward for info on state-sponsored hackers

The State Department’s Rewards for Justice Program is offering a reward of up to $10 million for information about anyone targeting critical infrastructure

The U.S. Department of State’s Rewards for Justice (RFJ) Program, which is administered by the Diplomatic Security Service has announced its intention to offer rewards of up to $10 million for any information that helps US authorities identify and locate threat actors “acting at the direction or under the control of a foreign government” that carry out malicious cyber activities against US critical infrastructure.

The announcement comes after ransomware groups have made millions over the last two years attacking pipelines, manufacturers, hospitals, schools, and local governments. While attacks on Colonial Pipeline and major meat processor JBS drew the biggest headlines, hundreds of healthcare institutions, universities, and schools have suffered from damaging attacks too. The DHS estimated that about $350 million in ransom was paid to cybercriminals in 2020.

The State is also making the rewards programme amenable to payments in cryptocurrency, in the interest of protecting sources who report on state-sponsored cybercrime.

“Commensurate with the seriousness with which we view these cyber threats, the Rewards for Justice Program has set up a Dark Web (Tor-based) tips-reporting channel to protect the safety and security of potential sources,” State’s release reads. “The RFJ Program also is working with interagency partners to enable the rapid processing of information as well as the possible relocation of and payment of rewards to sources. Reward payments may include payments in cryptocurrency.”

Since its inception in 1984, the programme has paid in excess of $200 million to more than 100 people across the globe who provided actionable information that helped prevent terrorism, bring terrorist leaders to justice, and resolve threats to U.S. national security.


Resources for ransomware attacks


On Thursday federal agencies also launched a website in an attempt to streamline access to resources and reports of ransomware to those agencies. reduces the fragmentation of resources, which is especially detrimental for those who have become victims of an attack, by integrating federal ransomware resources into a single platform that includes clear guidance on how to report attacks, and the latest ransomware-related alerts and threats from all participating agencies,” according to press releases from the departments of Homeland Security and Justice. “ includes resources and content from DHS’s Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Secret Service, the Department of Justice’s Federal Bureau of Investigation (FBI), the Department of Commerce’s National Institute of Standards and Technology (NIST), and the Departments of the Treasury and Health and Human Services.”



Featured Articles

ICYMI: New Age of the CISO and cybersecurity trends for 2023

A week is a long time in cybersecurity, so here’s a round-up of the Cyber Magazine articles that have been starting conversations around the world

Kingfisher chooses Google Cloud as catalyst for growth

Google Cloud will support Kingfisher's digital ambitions with a range of solutions, from infrastructure to data analytics.

ICYMI: Cyber predictions for 2023 and trouble in paradise

A week is a long time in cybersecurity, so here’s a round-up of the Cyber Magazine articles that have been starting conversations around the world

Osirium shares its cyber predictions for 2023

Cyber Security

ICYMI: Unloved emails and cybersecurity worth $500bn by 2030

Cyber Security

Cyber security market anticipated to reach $500bn by 2030

Cyber Security