The US government is offering up to $10 million for information that can identify or locate malicious cyber actors working on behalf of a foreign government to target critical US infrastructure, the US State Department announced Thursday.
It is part of an effort across the US government to try and put a stop to recent cyber attacks that have crippled businesses and other critical infrastructure. This year alone, hundreds of businesses reliant on a software vendor, a critical pipeline along the East Coast, a major meat producer and ferry services in Cape Cod have been the victims of ransomware attacks.
The State Department’s “Rewards for Justice” program is offering the hefty reward, while warning that such cyber activities targeting infrastructure violate the Computer Fraud and Abuse Act.
“Commensurate with the seriousness with which we view these cyber threats,” the State Department program has set up a Tor-based channel for potential sources to report tips in a safe and secure way.
The program is also working with interagency partners to rapidly process information, possibly relocate sources, and pay out rewards, including in cryptocurrency.
In a call with reporters Wednesday evening, a senior administration official said the Biden administration has also launched a task force to track, on a weekly basis, the numerous administration efforts to counter ransomware.
As part of the effort, the Department of Justice and the Department of Homeland Security are announcing “stopransomware.gov,” a site they view as a centralized resource on ransomware for organizations to learn how to protect themselves.
DHS Secretary Alejandro Mayorkas told CNN’s John Berman on Thursday that the federal government website is a “one-stop shop” for information on “how one can prevent one’s self from becoming a victim of ransomware, and should one become a victim, how one can work with the federal government in partnership to address the situation.”
“One of the greatest threats that we face in the cyber area is ransomware, where cyber criminals hold people, homes, small businesses, medium-sized to large businesses hostage, their systems hostage until they pay a ransom, and of course we advise they not pay that ransom,” he added.