US offers $10 million reward for info on state-sponsored hackers disrupting critical infrastructure

The US State Department has announced today its intention to offer rewards of up to $10 million for any information that helps US authorities identify and locate threat actors "acting at the direction or under the control of a foreign government" that carry out malicious cyber activities against US critical infrastructure.

Today's announcement comes after the US has seen an increase in cyber activity targeting its critical infrastructure sectors, including a spike in ransomware incidents. Some of these attacks, such as those on JBS Foods and Colonial Pipeline, impacted US food and fuel supply for days, even creating a small panic among the US population in certain areas.

Many cyber-security companies and industry experts have blamed Russia, accusing the Kremlin of tolerating and allowing these gangs to operate from its borders on the condition they don't attack Russian organizations.

Other gangs have been seen operating from China, Iran, and North Korea.

Through its announcement today, the State Department is looking for proof that these gangs are operating with some sort of help or guidance from local regimes.

The reward is offered through the State Department's Rewards for Justice (RFJ) program, the same system through which the US previously offered a $5 million reward for info on North Korean state-sponsored hackers and a $10 million reward for information on any state-sponsored hackers meddling in US elections.

To facilitate tips, the State Department said it was willing to pay rewards in cryptocurrency and even set up a specialized dark web portal to receive anonymous tips. The website can be found at:



Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles
Catalin Cimpanu

Catalin Cimpanu

is a cybersecurity reporter who previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.