Posted on November 6, 2021 at 11:45 AM
The US Department of State has announced that it will be giving out a reward of up to $10M for anyone with information that could lead to the identification and arrest of the hacking group linked to the Colonial Pipeline hack.
The press release issued by the Department stated that this reward would be given to anyone who will identify or locate one or several of the leaders of the DarkSide ransomware group. DarkSide was the group linked to the hack on Colonial Pipeline, which resulted in millions of losses from the organization.
Department of State promises rewards to whistleblower
The Department of State has also added that it will add a reward of up to $5 million to anyone with information that will result in the arrest and conviction of people participating or willing to participate in the actions of the DarkSide ransomware group.
The Department added that it is seeking to arrest and convict the members of this hacking group due to their association with the hack on Colonial Pipeline hack. The hack was one of the largest in US history because it led to the total disruption of the activities of the 5500-mile pipeline. The pipeline accounts for around 45% of the entire fuel used on the East Coast of the United States.
In offering this reward, the United States demonstrates its commitment to protecting ransomware victims worldwide from exploitation by cybercriminals. The United States looks to nations who harbour ransomware criminals that are willing to bring justice for those victim businesses and organizations affected by ransomware,” the report stated.
The announcement also adds that the reward of $10 million promised by these hackers will be provided under the Transnational Organized Crime Rewards Program (TOCRP), a program operated by the Department of State.
The Department of State runs the TOCRP organization with the help of the federal government. The two work together as part of the government’s efforts to disrupt the operations of organized crimes globally. Through the initiative of this group, over 75 transnational criminals and narcotics dealers have been arrested and convicted. The initiative has also paid rewards of over $135 million to date.
The recent offer from the Department of State is among the ways that the US is using to fight cybercrime. The monetary rewards offered under this bounty are given under the Rewards for Justice (RfJ) program. The program was established in 1984 to fight international acts of terrorism.
The US is now using part of these funds to fight cybercriminals. In July, the US Department of State partnered with the RfJ to start offering a $10 million reward to individuals with information that will help identify people participating in “malicious cyber activities against US critical infrastructure.”
The heavy bounty issued by the State Department could be because of the complex levels it takes for hacking groups to hide their identities. Hacking groups can very easily go under the radar and change their names before attacking organizations using the same strategies.
However, while the user names may seem different, the hacking groups are usually identified by the kind of tools and techniques that they use. Related software and techniques can be used to pinpoint the types of hackers and their lineage.
DarkSide ransomware group
DarkSide ransomware group was responsible for one of the greatest hacking attacks in the US. The extent of the hack was so severe that it took several weeks before the full operations of the pipeline were restored.
The magnitude of this hack was so huge that even DarkSide came out to issue an apology, stating that it did not expect the hack to have the kind of huge effect that it did. The group even issued an apology for the social consequences caused by the attack.
The group stated that its objectives were to make money and not to cause a societal disturbance. The FBI had initially confirmed that it was indeed DarkSide that was responsible for the Colonial Pipeline hack.
The apology that the group posted on its dark web forum stated that, “We are apolitical, we do not participate in geopolitics, do not need to tie us with a defined government and look for other our motives.”
Following the size of the attack, the DarkSide group is assumed to have gone under the radar because it has not been associated with other attacks since. However, US officials have stated that the group has changed its name to BlackMatter. The group uses similar tactics and techniques to DarkSide.