The US announced a $10 million prize for information on cyber extortionists in other countries on Thursday, as part of a stepped-up attempt to combat a significant increase in ransomware attacks, which US officials say often originate in Russia. According to the State Department, anyone who can identify or locate anyone who assaults US critical infrastructure online “while working at the direction or under the authority of a foreign government” would be paid $10 million. The federal government has launched StopRansomware.gov, a website that provides guidance to organizations, groups, and individuals on how to protect themselves and respond to attacks as part of a concerted effort.
Attorney General Merrick Garland stated that the Justice Department is “trying to bring all of our capabilities to bear against these threats.”
“However, we cannot do it alone; business leaders across industries must understand the threat, prioritize measures to harden their systems, and collaborate with law enforcement by reporting these attacks as soon as possible.”
A string of high-profile ransomware assaults this year have impacted a major US pipeline, a meat processor, and the software firm Kaseya, affecting 1,500 firms, many of which are not well-known. According to the Department of Homeland Security, criminal cyber actors were paid $350 million last year, up 300 percent from 2019.
Many of the attacks, according to US authorities, originated in Russia, though the amount of state involvement is still being contested. Russia denies any involvement. President Joe Biden brought up ransomware during a meeting with his Russian counterpart Vladimir Putin last month and again in a phone call this week, threatening to take direct action if Moscow does not limit cybercrime.