State Department offers US$10 million for foregin cyberattacks on critical infrastructure

The US Department of State has offered up to US$10 million reward through its Rewards for Justice programme for information on persons who participate in foreign malicious cyber activity against US critical infrastructure.

The Department is looking for information on persons who are ‘acting at the direction or under the control of a foreign government’ to harm US critical infrastructure in violation of the Computer Fraud and Abuse Act (CFAA).

The notice, posted on the Rewards for Justice website, enumerated the following malicious cyber activities as activities that violate the CFAA: transmitting extortion threats as part of ransomware attacks; intentional unauthorized access to a computer or exceeding authorised access and thereby obtaining information from any protected computer; knowingly causing the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causing damage without authorisation to a protected computer.

The Rewards for Justice programmw has set up a Dark Web (Tor-based) tips-reporting channel at he5dybnt7sr6cm32xt77pazmtm65flqy6irivtflruqfc5ep7eiodiad.onion to protect potential sources.