The U.S. is offering $10 million for information that can help identify or locate threat actors acting on behalf of foreign governments to target critical infrastructure.
“The U.S. Department of State is offering a reward of up to $10 million for information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, participates in malicious cyber activities against U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act (CFAA),” the U.S. The Department of State said in a press release.
Since its inception in 1984, the Rewards for Justice (RFJ) program has paid in excess of $200 million to more than 100 people across the globe.
The U.S. has set up a Tor-based tips-reporting channel to protect the safety and security of potential sources.
“Certain malicious cyber operations targeting U.S. critical infrastructure may violate the CFAA. Violations of the statute may include transmitting extortion threats as part of ransomware attacks; intentional unauthorized access to a computer or exceeding authorized access and thereby obtaining information from any protected computer; and knowingly causing the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causing damage without authorization to a protected computer. Protected computers include not only U.S. government and financial institution computer systems, but also those used in or affecting interstate or foreign commerce or communication,” the press release reads.