14 DAY TRIAL // In response to foreign hackers launching attacks against key institutions that violate the nation's anti-hacking law, the U.S. State Department is willing to pay up to $10 million for valuable information, according to Dark Reading.
U.S. authorities came up with this solution after cyberattacks on U.S. and European critical infrastructure and businesses skyrocketed. The most recent and reportedly most powerful cyberattack, launched by REvil via a zero-day vulnerability in Kaseya's software, affected more than 1,500 companies worldwide. The same cybercriminal gang managed to cripple the operations of meat manufacturer JBS and delay food deliveries after a ransomware attack.
In addition to threat intelligence, the agency will analyze other relevant aspects, such as sending malicious code, hacking or bypassing privileges on secured systems, and most importantly, the use of ransomware. The reward activity will be managed by The State Department's Rewards for Justice. The process begins with a tip channel running in TOR, where other government agencies will search for possible cyberattacks by foreign threat actors and evaluate relevant material.
The U.S. government has been trying to strengthen cybersecurity for some time, with a focus on preventing and combating attacks on critical infrastructure. The Biden administration has been pressuring Russian President Vladimir Putin to get involved in stopping cybercriminal gangs in Russia that are carrying out cyberattacks on organizations in America.
The new method may not achieve the intended result
The State Department's new approach may also have drawbacks. Going through all the clues gathered to find real information will consume a lot of time and resources, as Austin Berglas, Global Head of Professional Services explained. On the other hand, he added that offers like these can create Discord within ransomware gang members by giving them the choice to eliminate the competition.
He explained further that "[W]e still have to overcome the safe harbor provided by Russia and others," [...] "There are numerous existing cases where warrants are obtained and red notices are disseminated for criminals residing in these countries."