In keeping with its promise to tackle cybercrime viewed as a similar risk level to terrorism spurred on by the recent critical infrastructure ransomware attacks on firms such as JBS and Colonial Pipeline, the U.S. State Department has offered a bounty of $10 million for information leading to the location or identification of any individual that is a state-backed hacker attacking U.S. critical infrastructure.
As per the Rewards for Justice page, protected computers against the Computer Fraud and Abuse Act (CFAA) include government and financial institutions’ computer networks as well as those dealing in foreign commerce and communication.
Interestingly, this is the first time the U.S. government has offered rewards in crypto assets, with the “possible relocation and rewards payments by cryptocurrency may be available to eligible sources.”
Information providers are able to send details via the Dark Web-based Tor network to the address: he5dybnt7sr6cm32xt77pazmtm65flqy6irivtflruqfc5ep7eiodiad.onion.
Leveraging communities for information has been found to be an effective tactic to crowdsource intelligence. Coinfirm utilizes information providers on the industry-leading AML Platform.
What are the penalties for violating the Computer Fraud and Abuse Act (CFAA)?
The CFAA is a U.S. cybersecurity bill enacted in 1984. First-time offenders can expect a 5-year prison term in the U.S. for each offence. Repeat offenders will be given a 10-year sentence per offence. For some offences life imprisonment can be imposed. These terms are in addition to financial penalties.