The State Department’s Bounty Strategy to Catch Cybercriminals
By Jana Bounds

It seems preposterous to think that the world’s first cyberattack took place nearly 200 years ago. But the attack on the French telegraph system, in which two thieves stole financial market information, has earned that distinction.

Other attackers surfaced to disrupt telegraph and phone services, including the phone “phreaks,” who hijacked the protocols that allowed telecoms engineers to work on the network remotely and used them to make free calls, avoiding long-distance tolls.

The phreaks organized and shared information via a group newsletter. This renegade innovation laid the path for Apple’s founders Steve Wozniak and Steve Jobs, who were members of the group.  

The pages of history are also highlighted with the world’s first white hat hacker who surfaced in 1940: Rene Carmille, a punch-card computer expert who owned the machines that the French government used to process information, and just happened to also be a member of the Resistance during Nazi occupation.

Carmille offered up his devices to the Nazis when he discovered they were using machines to process information to track down Jews. He was then able to hack them and skew information.

The chronicle of computers used nefariously and for good is profound and storied. In the case of Carmille’s white hat contributions, it meant the difference between life and death for many people. Nazi success where he intervened would have meant the dissolution of bloodlines. Family stories, and the families themselves, continue today thanks to his efforts.

Thus, the battle between good and evil in the cyber realm has been taking place for centuries, but it’s accelerated and amplified in these modern times. And the implications could very easily mean the difference between life and death on a greater scale, due to the significant power wielded by computer systems in countless situations involving vital infrastructure.

Tracking Down Cybercriminals

The U.S. State Department is being forced to adapt, and most agencies within the U.S. government have specialized teams dedicated to protecting data linked to national security, and to hunting down the culprits who are disrupting markets, pipelines, transportation, and hacking into government and private sector servers.   

While many cyberattacks have simply been for financial gain via ransomware, state actors are stepping up hacking efforts, particularly governments with which current tensions exist, like Russia and China.

Some recent cyberattacks have appeared of a more exploratory nature, with some experts theorizing that aggressors are simply laying the groundwork for future attacks on critical infrastructure, including energy and transportation.

This has experts within the government and outside of it on edge.

In anticipation of greater threats, the State Department is getting a little more creative, and taking a page from the playbooks of the Roman Empire, the Wild West, and the days of piracy on the high seas: Bounties… cash rewards offered for information leading to the capture of those preparing for cyberattacks and those who have already attacked American interests in the digital realm.

Before this inclusion of cybercrimes, which occurred in 2020, the State Department’s Rewards for Justice (RFJ) was focused on terrorists who posed direct threats to the lives of Americans and American allies.

Now, the definition of the program is broader: “The Rewards for Justice (RFJ) mission is to generate useful information that protects Americans and furthers U.S. national security. The program offers rewards for information on terrorism, foreign-linked interference in U.S. elections, foreign-directed malicious cyber activities against the United States, and the financial mechanisms of individuals engaged in certain activities to support the North Korean regime.”

FBI Assistant Director for Cyber Bryan Vorndran said in September 2022 that the program, which offers rewards of up to $10 million for information leading to the apprehension of cybercriminals, is paying off.

“Recently the US government has also started to leverage something that was traditionally used in counterterrorism, Rewards for Justice,” Vorndran said at the Billington Cybersecurity Summit. “It’s essentially incentivizing individuals who have intimate knowledge of a criminal conspiracy, whether nation-state or not, to report to the U.S. government. … That has actually borne fruit at this point.”

So far, the State Department says it has doled out more than $250 million to over 125 people since RFJ’s inception in 1984, for information that led to the prevention of international terrorist attacks or helped bring responsible parties of attacks to justice, according to the Washington Post.

Rewards for Justice

With recent hacks of government agencies by hackers suspected to be linked to Russia and China, RFJ is offering some of the largest bounties to date for cybercrimes–$10 million.

Now the RFJ website shows rewards for a variety of criminals, from a $5 million reward for information on Abdullahi Osman Mohamed, the senior explosives expert for al-Shabaab, to $10 million for information about Russian-linked group Conti, and up to $10 million for information leading to Petr Nikolayevich Pliskin, who developed NotPetya malware used by the Russian government “to infect computer systems of critical infrastructure facilities worldwide,” including U.S. hospitals and medical facilities, as well as a large U.S. pharmaceutical manufacturer.

RFJ’s Twitter account is now host to appeals for information on cybercriminals: “Do you have info linking CLOP Ransomware Gang or any other malicious cyber actors targeting U.S. critical infrastructure to a foreign government? Send us a tip. You could be eligible for a reward.”

Another Tweet from May 26 states: “PRC state-sponsored cyber actors such as Volt Typhoon target US critical infrastructure. Contact RFJ if you have information on China-based malicious cyber actors. You could be eligible for a reward up to $10 million (CNY 70,630,000)!”

These rewards offered for information on cybercriminals don’t come as a surprise, given the exceptional danger cybercriminals pose to national security.

American critical infrastructure, like pipelines and railways, is under threat, and Chinese hackers are “all but certain to disrupt American critical infrastructure… in the event of a conflict with the United States,” according to Reuters.

Cybersecurity and Infrastructure Security Agency Director Jen Easterly recently noted that Beijing has been making significant investments in capabilities to sabotage U.S. infrastructure.

“This, I think, is the real threat that we need to be prepared for, and to focus on, and to build resilience against,” she said.

A Single Weak or Compromised Password

The 2021 cyberattack on the Colonial Pipeline, which is the largest fuel pipeline in the U.S., led to fuel shortages and panic buying on the East Coast. Hackers, since identified as the DarkSide gang, were able to gain entry into Colonial Pipeline Co. networks thanks to a single compromised password, Mandiant told Bloomberg.

Now is the Time to Step Up Your Cybersecurity

Call Horizon Helix today for an assessment of your strengths and weaknesses.

 
