The United States on Thursday (July 15) offered $10 million rewards for information on online extortionists abroad as it stepped up efforts to halt a sharp rise in ransomware attacks, which US officials say often originate in Russia.
The US State Department said it would pay $10 million to anyone who can identify or locate a person who attacks US critical infrastructure online "while acting at the direction or under the control of a foreign government."
As part of a concerted push, the federal government also unveiled a website, StopRansomware.gov, that offers guidelines to businesses, groups and individuals both on how to protect themselves and how to respond to attacks.
The Justice Department is "working to bring all our tools to bear against these threats," US Attorney General Merrick Garland said.
"But we cannot do it alone. It is critical for business leaders across industries to recognise the threat, prioritise efforts to harden their systems and work with law enforcement by reporting these attacks promptly."
This year has seen a slew of prominent ransomware attacks that have disrupted a major US pipeline, a meat processor and the software firm Kaseya, which affected 1,500 businesses, many of them far from the limelight.
Victims paid $350 million to malicious cyber actors last year, a spike of 300% from 2019, according to the US Department of Homeland Security.
US officials say that many of the attacks originate in Russia.
US President Joe Biden raised ransomware forcefully in a summit last month with his Russian counterpart Vladimir Putin and more recently in a phone call on July 9, threatening to take action directly if Moscow does not curb cyber crime.
"President Biden underscored the need for Russia to take action to disrupt ransomware groups operating in Russia and emphasised that he is committed to continued engagement on the broader threat posed by ransomware," the White House said in a statement.
"President Biden reiterated that the United States will take any necessary action to defend its people and its critical infrastructure in the face of this continuing challenge."
A history of malicious activity
The United States on April 15 announced sanctions and the expulsion of 10 Russian diplomats in retaliation for the Kremlin's US election interference, a massive cyber-attack and other hostile activity.
Among other measures, Washington sanctioned six Russian technology companies accused of supporting Moscow's cyber intelligence activities, particularly the SolarWinds hack discovered in December, which compromised thousands of US government and private sector computer networks.
The sanctions respond to "malicious cyber activities against the United States and its allies and partners", said the White House.
Earlier, last October, the US government charged six GRU officers in absentia with carrying out cyber-attacks on Ukraine's power grid, the 2017 French elections and the 2018 Winter Olympics. The GRU is Russia's military intelligence agency.
The six Russian agents were also accused of staging a 2017 malware attack called "NotPetya" that infected computers of businesses worldwide, causing nearly $1 billion in losses to three US companies alone.
In addition, they allegedly targeted for obstruction international investigations into the nerve agent poisoning in England in 2018 of Russian former double agent Sergei Skripal and his daughter, as well as waging cyber-attacks on media outlets (2018) and parliament (2019) in Georgia.