In the wake of cyberattacks targeting U.S. infrastructure organizations, the U.S. government is stepping up measures to identify foreign threat actors and bring them to justice.
It appears the U.S. government is putting their money with their mouth is. I recently reported on White House Press Secretary Jen Psaki stating the U.S. government would “reserve the right to take action” against any foreign cyberthreat attacking U.S. infrastructure.
In a new press release, the Department of State announced a reward of up to $10 million as part of their “Rewards for Justice” program “information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, participates in malicious cyber activities against U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act (CFAA).”
With APT groups and ransomware-as-a-service gangs all stemming from within Russia (where hacking an organization outside the country is not illegal) matched with the number of recent attacks on critical U.S. infrastructure, this latest step towards finding who is responsible makes sense.
And while the $10 million may pale in comparison to the $4.2 Billion in cybercrime costs, it may just be enough to convince someone to snitch on the bad guys and put them out of business. If nothing else, it may be an impactful proverbial shot across the bow to cybercriminal gangs to stay clear of U.S. infrastructure companies – there are plenty of other victims to target, right?