Security Experts:

Connect with us

Hi, what are you looking for?



U.S. Offers $10 Million Rewards for Information on Foreign Hackers

The U.S. government has announced new initiatives aimed at combating ransomware and other cyber threats, including a new website and significant rewards for information on foreign hackers.

The U.S. government has announced new initiatives aimed at combating ransomware and other cyber threats, including a new website and significant rewards for information on foreign hackers.

The new website,, is designed to serve as a central hub that consolidates ransomware resources from all government agencies, including CISA, the FBI, the Secret Service, NIST, the Department of Treasury, and the HHS. Its goal is to provide useful resources for individuals, businesses and other organizations. provides information on what to do if you have been hit by ransomware, avoiding ransomware, and reporting cyber incidents to authorities. It also hosts ransomware alerts and statements from CISA and the FBI, links to free services that can be useful to individuals and organizations, training sessions, and webinars.

The government said roughly $350 million were paid in ransom to malicious cyber actors last year, which represented a 300% increase compared to the previous year.

As part of its fight against ransomware and other cyber threats, the U.S. government, specifically the Department of State, is now offering up to $10 million for “information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, participates in malicious cyber activities against U.S. critical infrastructure…”

The rewards, offered as part of the State Department’s Rewards for Justice program, are for information on cyber operations that violate the Computer Fraud and Abuse Act (CFAA), including ransomware attacks, unauthorized access to systems and the theft of data, and the distribution of malware.

The State Department has set up a Tor-based website where individuals who have knowledge of foreign hacking activity can share information: he5dybnt7sr6cm32xt77pazmtm65flqy6irivtflruqfc5ep7eiodiad.onion

The State Department says it has paid out more than $200 million to over 100 people around the world through its Rewards for Justice program since its inception nearly 40 years ago.

The Financial Crimes Enforcement Network (FinCEN) of the Treasury Department has announced that it will meet with government and private sector organizations in August to discuss ransomware.

The recent ransomware attacks targeting Colonial Pipeline and IT management firm Kaseya had a significant impact — the Kaseya attack resulted in ransomware being delivered to hundreds (possibly thousands) of organizations, and the Colonial incident led to temporary gas shortages.

Since in many cases the cybercriminals who launch these attacks are operating out of Russia, U.S. President Joe Biden brought up ransomware attacks in recent conversations with his Russian counterpart Vladimir Putin, telling him in a phone call earlier this month to take action against cybercriminals.

Related: Task Force Calls for Aggressive US ‘Anti-Ransomware’ Campaign

Related: U.S. Agencies Publish Ransomware Factsheet

Related: White House Urges Private Companies to Help in Fight Against Ransomware

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...