Is it possible that the leader of a ransomware gang could be more valuable to the U.S. government than the current leader of al-Qa'ida?
Officials have just named their price for certain types of cybercriminals and those who are willing to turn on them.
And that is just one of the unique initiatives the government has rolled out this week in the fight against ransomware.
Could this be a sign that the tables are about to turn on those who launch cyber attacks without consequence?
U.S. Reward for Justice going after cybercriminals
The U.S. State Department is taking a new step forward in the fight against ransomware with its Rewards for Justice Program (RFJ).
The agency is now offering cash for information leading to some kind of justice, and in this case, the value of cybercriminals is higher than that of terrorists in the real world.
For example, it is offering up to $7 million for information on Abu Ubaydah Yusuf al-Anabi, the new leader of the terrorist organization al-Qa'ida.
However, it is offering even more for certain types of cybercriminals.
The program just announced the following:
"The U.S. Department of State's Rewards for Justice (RFJ) program is offering a reward of up to $10 million for information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, participates in malicious cyber activities against U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act (CFAA)."
This should give you an idea of how seriously the government is taking ransomware if it is willing to offer more money for information on nation-state linked cybercriminals than it is for the leader of al-Qa'ida.
If you are looking for a big payday, here are some specific cybercrimes the State Department says qualify for payouts:
- "Transmitting extortion threats as part of ransomware attacks,"
- "Intentional unauthorized access to a computer or exceeding authorized access and thereby obtaining information from any protected computer,"
- "Knowingly causing the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causing damage without authorization to a protected computer."
Who may have the greatest knowledge of cybercriminal groups? Those frequenting the Dark Web.
And that is why the State Department setup a Dark Web tips reporting channel to protect the safety and security of potential sources.
U.S. launches ransomware information site
There is another significant development relating to the government's fight against ransomware.
We have seen attacks cripple businesses, disrupt critical infrastructure, and threaten national security.
In 2020, the U.S. Department of Justice (DOJ) reports that about $350 million was paid out to malicious cyber actors, a 300% increase from the previous year.
As part of the U.S. response to these trends, it announced a new resource for organizations of every size, StopRansomware.gov.
Multiple government agencies partnered to launch this site:
"StopRansomware.gov is the first central hub consolidating ransomware resources from all federal government agencies. Before today, individuals and organizations had to visit a variety of websites to find guidance, latest alerts, updates and resources, increasing the likelihood of missing important information.
StopRansomware.gov reduces the fragmentation of resources, which is especially detrimental for those who have become victims of an attack, by integrating federal ransomware resources into a single platform that includes clear guidance on how to report attacks, and the latest ransomware-related alerts and threats from all participating agencies.
StopRansomware.gov includes resources and content from DHS's Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Secret Service, the DOJ's FBI, the Department of Commerce's National Institute of Standards and Technology (NIST), and the Departments of the Treasury and Health and Human Services."
Department of Homeland Security Secretary Alejandro Mayorkas says this is a crucial next step in defending against malicious cyber actors.
"As ransomware attacks continue to rise around the world, businesses and other organizations must prioritize their cybersecurity. Cyber criminals have targeted critical infrastructure, small businesses, hospitals, police departments, schools and more.
These attacks directly impact Americans' daily lives and the security of our nation. I urge every organization across our country to use this new resource to learn how to protect themselves from ransomware and reduce their cybersecurity risk."
A two-pronged approach seems to be coming into view under the Biden administration. One part involves finding and prosecuting cybercriminals, especially those that are nation-state actors. The second part involves helping organizations become more resilient.
SecureWorld keynote speaker and CNN analyst Col. Cedric Leighton is glad to see these developments.
"We have to have a much more active approach to it; we also have to have more targeted sanctions against individuals. The legal frameworks need to be adapted to this kind of activity. And right now, they're getting away with a lot of things that they really shouldn't be getting away with."
Time will tell if that is about to change.
