The U.S. government has announced new initiatives aimed at combating ransomware and other cyber threats, including a new website and significant rewards for information on foreign hackers.
The new website, StopRansomware.gov, is designed to serve as a central hub that consolidates ransomware resources from all government agencies, including CISA, the FBI, the Secret Service, NIST, the Department of Treasury, and the HHS. Its goal is to provide useful resources for individuals, businesses and other organizations.
StopRansomware.gov provides information on what to do if you have been hit by ransomware, avoiding ransomware, and reporting cyber incidents to authorities. It also hosts ransomware alerts and statements from CISA and the FBI, links to free services that can be useful to individuals and organizations, training sessions, and webinars.
The government said roughly $350 million were paid in ransom to malicious cyber actors last year, which represented a 300% increase compared to the previous year.
As part of its fight against ransomware and other cyber threats, the U.S. government, specifically the Department of State, is now offering up to $10 million for “information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, participates in malicious cyber activities against U.S. critical infrastructure…”
The rewards, offered as part of the State Department’s Rewards for Justice program, are for information on cyber operations that violate the Computer Fraud and Abuse Act (CFAA), including ransomware attacks, unauthorized access to systems and the theft of data, and the distribution of malware.
The State Department has set up a Tor-based website where individuals who have knowledge of foreign hacking activity can share information: he5dybnt7sr6cm32xt77pazmtm65flqy6irivtflruqfc5ep7eiodiad.onion
The State Department says it has paid out more than $200 million to over 100 people around the world through its Rewards for Justice program since its inception nearly 40 years ago.
The Financial Crimes Enforcement Network (FinCEN) of the Treasury Department has announced that it will meet with government and private sector organizations in August to discuss ransomware.
The recent ransomware attacks targeting Colonial Pipeline and IT management firm Kaseya had a significant impact — the Kaseya attack resulted in ransomware being delivered to hundreds (possibly thousands) of organizations, and the Colonial incident led to temporary gas shortages.
Since in many cases the cybercriminals who launch these attacks are operating out of Russia, U.S. President Joe Biden brought up ransomware attacks in recent conversations with his Russian counterpart Vladimir Putin, telling him in a phone call earlier this month to take action against cybercriminals.
Related: Task Force Calls for Aggressive US ‘Anti-Ransomware’ Campaign
Related: U.S. Agencies Publish Ransomware Factsheet
Related: White House Urges Private Companies to Help in Fight Against Ransomware

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- UK Car Retailer Arnold Clark Hit by Ransomware
- EV Charging Management System Vulnerabilities Allow Disruption, Energy Theft
- Unpatched Econolite Traffic Controller Vulnerabilities Allow Remote Hacking
- Google Fi Data Breach Reportedly Led to SIM Swapping
- Microsoft’s Verified Publisher Status Abused in Email Theft Campaign
- British Retailer JD Sports Discloses Data Breach Affecting 10 Million Customers
- Meta Awards $27,000 Bounty for 2FA Bypass Vulnerability
- Industry Reactions to Hive Ransomware Takedown: Feedback Friday
Latest News
- Google Shells Out $600,000 for OSS-Fuzz Project Integrations
- F5 BIG-IP Vulnerability Can Lead to DoS, Code Execution
- Flaw in Cisco Industrial Appliances Allows Malicious Code to Persist Across Reboots
- UK Car Retailer Arnold Clark Hit by Ransomware
- Dealing With the Carcinization of Security
- HeadCrab Botnet Ensnares 1,200 Redis Servers for Cryptomining
- Cyber Insights 2023 | Supply Chain Security
- Cyber Insights 2023 | Regulations
