The announcement Thursday from State Department spokesperson Ned Price also included an offer of $5 million for information leading to the arrest or conviction of anyone who conspires to participate in a hack involving so-called DarkSide ransomware, which was used in the Colonial Pipeline incident.
It’s the latest effort by the Biden administration to put pressure on cybercriminals that have extorted millions of dollars from US companies and threatened critical infrastructure. President Joe Biden in June appealed to Russian President Vladimir Putin to take action against ransomware groups operating from Russia, but it remains to be seen if that will happen.
It’s not the first time the State Department has offered big money to try to catch foreign hackers.
Ahead of the 2020 election, the department said it would pay up to $10 million for information on the identity or location of anyone using “certain illegal cyber activities” to interfere with the vote at the behest of a foreign government.
“We need to use all the tools we have, and this is a good and hopefully effective one,” Christopher Painter, a former top State Department cybersecurity envoy, told CNN.
The Colonial Pipeline incident shut down fuel deliveries to the East Coast of the US for days, prompting long lines at gas pumps in multiple states. It also put ransomware higher on the national security agency for the Biden administration, which since the incident has issued multiple cybersecurity policy directives.
As the Biden administration pressures Russia to curb cybercriminal activity, US law enforcement and their international partners are pursuing suspects outside of Russia.
A 38-year-old Russian man accused of being part of a cybercrime that infected US computers with ransomware was extradited from the South Korea to the US last month. He faces computer fraud charges in a federal court in Ohio.
US intelligence agencies have also had a role in the crackdown.
Russian government responses are harder to measure.
Chris Inglis, the US National Cyber Director, told lawmakers on Wednesday that the US had seen a “discernible decrease” in Russia-based hacks against US organizations since the Biden-Putin summit, but that it was “too soon to tell” if that lull in some ransomware activity was “because of the material efforts undertaken by the Russians or the Russian leadership.”