U.S. State Dept. Introduces NEW Cybercriminal Reward Program


July 20, 2021

Federal Government Introduces NEW Reward for Justice Cybercriminal Program

If you look closely at the walls of your local Post Office you might see something out of an old western movie. Wanted posters. Yes, that’s right. Wanted posters.

You see, the Federal Government still has a most-wanted list. It’s filled with all sorts of terrible people. Terrorists, murderers, etc. The kind of people you wouldn’t bring home to meet your mom. Well, those awful hombres are about to get some new company in the form of cybercriminals. And, if you know any of them, you could possibly net yourself $10 million for turning them in. With a few stipulations of course.

So what’s going on?

The U.S. State Department recently announced, via its Rewards for Justice Program (RFJ) that it’s hunting foreign cybercriminals who are conducting ransomware attacks at the behest of rogue nations.

According to the website linked above, to qualify for the reward, the individual must know or have information that leads to the capture of an individual who’s violated the Computer Fraud and Abuse Act (CFAA) by targeting U.S. critical infrastructure.

That includes things like:

  • Transmitting extortion threats as part of ransomware attacks
  • Intentional unauthorized access to a computer
  • Exceeding authorized access and thereby obtaining information from a protected computer
  • Knowingly causing the transmission of a program, information, code, or command with the intent of causing damage without authorization to a protected computer*

*Protected computers include those used by the United States Government but also financial institutions and computer systems used in or affecting interstate or foreign commerce or communication.

To help facilitate tipsters, and their (probable) desire to stay anonymous, the RFJ has created a Dark Web site (via Tor) for reporting information. Security7 won’t be reposting that link here but if you’re interested, you can find it on the RFJ website linked above.

What is the CFAA?

Figured this might be worth including, so here goes: The CFAA was introduced in 1984 as a means of ensuring cybercriminals were punished for their crimes. Believe it or not but the ENTIRE thing was drafted as a response to the movie WarGames (starring Matthew Broderick and Ally Sheedy) where teenager David Lightman (Broderick’s character) breaks into a Missle Defense System housed in Cheyenne Mountain Complex.

Seriously…you can’t make this stuff up.

ANYWAYS, the act has been amended a handful of times over the years (including by the USA Patriot Act and the Identity Theft Enforcement and Restitution Act) so it’s got a pretty controversial history.

If you want to read the CFAA you can do so here at law.cornell.edu. There’s a lot of important information in there and it’s not very long…but I can’t blame you if you want to watch WarGames instead.

Like our blog? Subscribe using the CTA in the upper right-hand corner of this page. Feel like sharing your thoughts with us? Use the comment section below.

Carl Keyser is the Content Manager at Integris.

Keep reading

Strong Cybersecurity Postures: How to Unleash their Power

Strong Cybersecurity Postures: How to Unleash their Power

In the vast digital landscape where virtual dragons and sneaky trolls roam a strong cybersecurity posture has never been more important. Imagine a band of modern-day knights led by our protagonist, Alex. Armed with a trusty laptop and a cup of coffee, Alex navigates...

How to Spot a Phishing Attack in 2023

How to Spot a Phishing Attack in 2023

In 2023 cyber threats lurk behind every tree trunk in today's digital jungle, and cybersecurity awareness is more critical than ever. Among the craftiest of these threats are phishing attacks. Phishing attacks are cunningly engineered with social manipulation at their...

How to Choose an IT Consultant in Boulder, CO

Regardless of industry size or type, Boulder IT consultants play a massive role in the way companies in the Boulder area do business. While most companies may have their own in-house IT department, many of these departments are small and cannot handle all the...