Advertisement
Share

U.S. to offer $10-million rewards for help in identifying, thwarting cyberattacks

Inside of a computer
The inside of a computer in Jersey City, N.J.
(Jenny Kane / Associated Press)

The State Department will offer as much as $10 million in rewards for information leading to the identification of anyone engaged in foreign state-sanctioned malicious cyberactivity, including ransomware attacks, against crucial U.S. infrastructure. A task force set up by the White House will coordinate efforts to stem the ransomware scourge.

The Biden administration is also out with a website, stopransomware.gov, that offers the public resources for countering the threat and building more resilience into networks, a senior administration official told reporters.

In another move Thursday, the Treasury Department’s Financial Crimes Enforcement Network said it will work with banks, technology companies and others on better anti-money-laundering efforts for cryptocurrency and more rapid tracing of ransomware proceeds, which are paid in virtual currency.

Officials are hoping to seize more extortion payments in ransomware cases, as the FBI did in recouping most of the $4.4-million ransom paid by Colonial Pipeline in May.

Advertisement

The rewards are being offered under the State Department’s Rewards for Justice program. It will offer a tip-reporting mechanism on the dark web to protect sources who might identify cyberattackers or their locations, and reward payments may include cryptocurrency, the agency said in a statement.

The administration official would not comment on whether the U.S. government had a hand in Tuesday’s online disappearance of REvil, the Russian-linked gang responsible for a July 2 supply chain ransomware attack that crippled more than 1,000 organizations globally by targeting Florida-based software provider Kaseya. Ransomware scrambles entire networks of data, which criminals unlock when they get paid.

The White House says Biden told Russian President Vladimir Putin that the U.S. reserves the right to “defend its people and its critical infrastructure.”

Cybersecurity experts say REvil may have decided to drop out of sight and resurface under a new name, as it and several other ransomware gangs have done in the past to try to throw off law enforcement.

Another possibility is that Russian President Vladimir Putin heeded President Biden’s warning of repercussions if he didn’t rein in ransomware criminals, who enjoy safe harbor in Russia and allied states.

That seemed improbable, however, after Kremlin spokesman Dmitry Peskov’s statement to reporters Wednesday that he was unaware of REvil sites disappearing.

“I don’t know which group disappeared where,” he said. He said the Kremlin deems cybercrimes “unacceptable” and meriting punishment, but analysts say they have seen no evidence of a crackdown by Putin.


Advertisement