U.S.

State Department Offers $10M In Anti-Ransomware Rewards

The hope is to seize more extortion payments in ransomware cases.

Photo showing the inside of a computer.
Jenny Kane / AP
SMS

The State Department will offer rewards up to $10 million for information leading to the identification of anyone engaged in foreign state-sanctioned malicious cyber activity against critical U.S. infrastructure — including ransomware attacks — and the White House has launched a task force to coordinate efforts to stem the ransomware scourge.The Biden administration is also launching the website stopransomware.gov to offer the public resources for countering the threat and building more resilience into networks, a senior administration official told reporters.Another measure being announced Thursday to combat the ransomware onslaught is from the Financial Crimes Enforcement Network at the Treasury Department. It will engage banks, technology firms and others on better anti-money-laundering efforts for cryptocurrency and more rapid tracing of ransomware proceeds, which are paid in virtual currency.

Ransomware Negotiations Spark New Business For Cybersecurity Companies
Ransomware Negotiations Spark New Business For Cybersecurity Companies

Ransomware Negotiations Spark New Business For Cybersecurity Companies

According to according to Cybersecurity Ventures, ransomware is expected to cost organizations $20 billion in 2021.

LEARN MORE

Officials are hoping to seize more extortion payments in ransomware cases, as the FBI did in recouping most of the $4.4 million ransom paid by Colonial Pipeline in May.The rewards are being offered under the State Department's Rewards for Justice program. It will offer a tips-reporting mechanism on the dark web to protect sources who might identify cyber attackers and/or their locations, and reward payments may include cryptocurrency, the agency said in a statement.The administration official would not comment on whether the U.S. government had a hand in Tuesday's online disappearance of REvil, the Russian-linked gang responsible for a July 2 supply chain ransomware attack that crippled well over 1,000 organizations globally by targeting Florida-based software provider Kaseya. Ransomware scrambles entire networks of data, which criminals unlock when they get paid.Cybersecurity experts say REvil may have decided to drop out of sight and rebrand under a new name, as it and several other ransomware gangs have done in the past to try to throw off law enforcement.

As Attacks Rise, These Security Experts Are Hunting Cyber Criminals
As Attacks Rise, These Security Experts Are Hunting Cyber Criminals

As Attacks Rise, These Security Experts Are Hunting Cyber Criminals

They use false personas cultivated over the past five to 10 years. And some of them trace problems from the cyberworld to the physical.

LEARN MORE

Another possibility is that Russian President Vladimir Putin actually heeded President Joe Biden's warning of repercussions if he didn't rein in ransomware criminals, who enjoy safe harbor in Russia and allied states.That seemed improbable, however, given Kremlin spokesman Dmitry Peskov's statement to reporters Wednesday that he was unaware of REvil sites disappearing."I don't know which group disappeared where,” he said. He said the Kremlin deems cybercrimes “unacceptable” and meriting of punishment, but analysts say they have seen no evidence of a crackdown by Putin.Additional reporting by The Associated Press.