US announces bounty of up to $ 10 million against nation-state hackers



Months after a ransomware attack forced Colonial Pipeline to shut down, the US State Department announced a $ 10million (£ 7.26million) bounty on sponsored hacker information by the state who carry out malicious cyber activities against America’s critical infrastructure.

The offer, which could benefit hackers and White Hat threat hunters in the coming days, promises a bounty of up to £ 7.26million to anyone who can provide information that can identify or locate any actor malicious working in targeting. Critical American infrastructure under the direction or control of a foreign government.

The offer, announced Thursday by the US State Department, also stipulates that the hacking activity must be in violation of the Computer Fraud and Abuse Act (CFAA). Acts that constitute violations under the law include “transmitting extortion threats as part of ransomware attacks; intentional unauthorized access to or exceeding of authorized access and thereby obtaining information from any protected computer; and knowingly causing the transmission of any program, information, code or command, and as a consequence of such conduct, intentionally causing unauthorized damage to a protected computer.

“As seriously as we take these cyber threats, the Rewards for Justice program has implemented a Dark Web (Tor-based) advice reporting channel to protect the safety and security of potential sources. The RFJ program also works with interagency partners to enable rapid processing of information as well as possible relocation and payment of rewards to sources. Reward payments can include cryptocurrency payments, ”the State Department said.

“We encourage anyone with information about malicious cyber activity, carried out against critical US infrastructure in violation of the CFAA by actors under the direction or control of a foreign government, to contact the Rewards for Justice office through our guidance. Tor-based. -report channel to: he5dybnt7sr6cm32xt77pazmtm65flqy6irivtflruqfc5ep7eiodiad.onion (Tor browser required). ”

Commenting on the very first bounty offered by the US government to identify and locate state-sponsored hackers, Richard Walters, Censornet’s chief technical officer, told TEISS that it was a significant reward that could turn the head of any ransomware hacker. However, it is difficult to establish whether the amount of the bid is sufficient to divert hackers from the lucrative ransomware industry and expose their colleagues.

“Cybercriminals are masters of disguise and subterfuge, so there is no guarantee that they have information that identifies their colleagues. Plus, ransomware is a profitable business. Would hackers risk killing their goose that laid the golden eggs by exposing an accomplice? ” he said.

“When you pay a ransom, there is no guarantee that a cybercriminal will keep their promises and return your data. Can we really trust a hacker who informs his colleagues? How can we guarantee that they won’t lie or just disappear with the money? Basically we can’t.

“Hackers should not be trusted when it comes to negotiating ransoms, this is one of the reasons we advise them not to pay ransoms. It might be wise for the US State Department to take this fact into account when dealing with cyber informants, ”he added.

On the same day the bounty was announced, the United States Department of Justice (DOJ) and the United States Department of Homeland Security (DHS) also launched a new website, named Stop, as a single hub for ransomware resources for individuals, businesses and other organizations.

According to the DoJ, is the first central hub of ransomware resources from all federal government agencies. It provides individuals and businesses with advice, the latest alerts, updates and resources related to ransomware attacks. This way, individuals and organizations will not have to visit a variety of websites to find the latest information and alerts on ransomware threats.

“Like most cyber attacks, ransomware exploits the weakest link. Many small businesses still need to adequately protect their networks, and will help these organizations and many others take simple steps to protect their networks and respond to ransomware incidents while also providing IT teams at the bottom line. ‘company technical resources to reduce their risk of ransomware,’ the department said.


Leave A Reply

Your email address will not be published.