The U.S. Department of State’s Rewards for Justice (RFJ) program is offering a reward of up to $10 million for information leading to the identification or location of any person who, while “acting at the direction or under the control of a foreign government”, participates in malicious cyber activities against U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act (CFAA).
The offer comes following a spike in ransomware incidents, such as those on JBS Foods and the Colonial Pipeline, which impacted US food and fuel supply for days, even creating a small panic among the U.S. population in certain areas of the country.
(A ransomware attack on Colonial Pipeline crippled half of the US’ fuel supply. Learn who perpetrated this attack, and how it has become the largest known attack on American critical infrastructure. Courtesy of Destination Certification and YouTube. Posted on May 18, 2021.)
Certain malicious cyber operations targeting U.S. critical infrastructure may violate the CFAA.
Violations of the CFAA statute may include any of the following situations:
Transmitting extortion threats as part of ransomware attacks;
Intentional unauthorized access to a computer (or exceeding authorized access) and obtaining information from any protected computer; and
Knowingly causing the transmission of a program, information, code, or command, and as a result, intentionally causing damage without authorization to a protected computer.
(Protected computers include not only U.S. government and financial institution computer systems, but also those used in or affecting interstate or foreign commerce or communication.)
Proportional to the seriousness of these cyber threats, the Rewards for Justice program has set up a Dark Web (Tor-based) tips-reporting channel to protect the safety and security of potential sources.
The RFJ program also is working with interagency partners to enable the rapid processing of information as well as the possible relocation of and payment of rewards to sources, which may include payments in cryptocurrency.
The Department of State encourages anyone with information on malicious cyber activity, carried out against U.S. critical infrastructure in violation of the CFAA by state-sponsored actors, to contact the Rewards for Justice office via their Tor-based tips-reporting channel at:
Since 1984, the Rewards for Justice program has paid more than $200 million to over 100 people across the globe who provided actionable information which helped to prevent terrorism, bring terrorist leaders to justice, and resolve threats to U.S. national security.
(Learn More about the Rewards for Justice (RFJ) program, courtesy of the StateDeptDSS and YouTube.)
AST strives to meet a 3 STAR trustworthiness rating, based on the following criteria:
- Provides named sources
- Reported by more than one notable outlet
- Includes supporting video, direct statements, or photos