Details of the State Department’s Bounty
The details of the DarkSide bounty are provided below:
The department announced a reward of up to $10 million for information that leads to the “identification or location of any individual(s) who hold(s) a key leadership position in the DarkSide ransomware variant transnational organized crime group.” It also announced an additional reward of up to $5 million for information that leads to “the arrest and/or conviction in any country of any individual conspiring to participate in or attempting to participate in a DarkSide variant ransomware incident.”
The U.S. State Department announced the bounty via a press release on Thursday, November 4th. The bounty is offered under its Transnational Organized Crime Rewards Program (TOCRP). In the past, the Department has offered rewards under its Rewards for Justice program. For example, in July this year, it offered a $10 million bounty for information on state-backed hackers. To date, the Department has paid over $135 million in rewards under the TOCRP.
U.S. Government’s Recent Moves to Combat Ransomware
The US and its federal agencies have been alert and responsive to ransomware threats. Several agencies such as the Cybersecurity and Infrastructure Agency (CISA) and the Federal Bureau of Investigation (FBI) put out advisories on growing cyber threats, such as the BlackMatter Ransomware and threats to the U.S. food and agriculture sector. These advisories include information and resources to help vulnerable organizations. Other agencies, such as the Department of Treasury, have also undertaken measures to address the rise in ransomware attacks. According to the Department, ransomware payments made by U.S. companies in 2020 exceeded $400 million. Recently, the U.S. has taken an aggressive approach to tackle high-profile hacking groups. In the last few weeks, the U.S. has managed to take down some big names. For example, the BlackMatter Ransomware Gang decided to shut down its operations due to the growing pressure from international authorities. The group is believed to consist of former members of DarkSide. Last month, several U.S. law enforcement agencies worked together to take the REvil ransomware gang offline. Apart from nabbing cybercriminals, the U.S. has also placed sanctions on nation-states for their roles in cyberattacks, such as Russia for the SolarWinds hack.
