The U.S. government has announced new initiatives aimed at combating ransomware and other cyber threats, including a new website and significant rewards for information on foreign hackers.
The new website, StopRansomware.gov, is designed to serve as a central hub that consolidates ransomware resources from all government agencies, including CISA, the FBI, the Secret Service, NIST, the Department of Treasury, and the HHS. Its goal is to provide useful resources for individuals, businesses and other organizations.
StopRansomware.gov provides information on what to do if you have been hit by ransomware, avoiding ransomware, and reporting cyber incidents to authorities. It also hosts ransomware alerts and statements from CISA and the FBI, links to free services that can be useful to individuals and organizations, training sessions, and webinars.
The government said roughly $350 million were paid in ransom to malicious cyber actors last year, which represented a 300% increase compared to the previous year.
As part of its fight against ransomware and other cyber threats, the U.S. government, specifically the Department of State, is now offering up to $10 million for “information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, participates in malicious cyber activities against U.S. critical infrastructure…”
The rewards, offered as part of the State Department’s Rewards for Justice program, are for information on cyber operations that violate the Computer Fraud and Abuse Act (CFAA), including ransomware attacks, unauthorized access to systems and the theft of data, and the distribution of malware.
The State Department has set up a Tor-based website where individuals who have knowledge of foreign hacking activity can share information: he5dybnt7sr6cm32xt77pazmtm65flqy6irivtflruqfc5ep7eiodiad.onion
The State Department says it has paid out more than $200 million to over 100 people around the world through its Rewards for Justice program since its inception nearly 40 years ago.
The Financial Crimes Enforcement Network (FinCEN) of the Treasury Department has announced that it will meet with government and private sector organizations in August to discuss ransomware.
The recent ransomware attacks targeting Colonial Pipeline and IT management firm Kaseya had a significant impact — the Kaseya attack resulted in ransomware being delivered to hundreds (possibly thousands) of organizations, and the Colonial incident led to temporary gas shortages.
Since in many cases the cybercriminals who launch these attacks are operating out of Russia, U.S. President Joe Biden brought up ransomware attacks in recent conversations with his Russian counterpart Vladimir Putin, telling him in a phone call earlier this month to take action against cybercriminals.