In an intensified effort to combat cyber crime, the US State Department's Rewards for Justice (RFJ) programme has revealed a bounty of up to $10 million for information linking the recent Clop ransomware attacks to a foreign government. The announcement follows a wide range of disruptive cyber attacks launched by the Cyber Criminal and Ransomware Clop, which started last month and has resulted in the data of many large multinational businesses being stolen by exploiting a zero-day vulnerability in the MOVEit Transfer security file transfer platform. These attacks led to data breaches in potentially thousands of businesses, with data of hundreds of thousands of people being stolen, with the malicious threat actors threatening to publish the stolen information on the Dark Web unless a ransom is paid.
The RFJ programme, a longstanding initiative of the US Department of State, offers financial incentives for crucial intelligence about threats to US national security. Initially designed to gather information on terrorist activities, it has evolved to include cyber threats, addressing infamous groups such as the Conti ransomware operation, Russian Sandworm hackers, REvil ransomware, and the Evil Corp hacking group. The Clop ransomware group, which emerged in 2018 as a standard ransomware actor, has publicly claimed that its operations are solely financially driven, with no political interest. In the recent MOVEit attacks they have even gone as far as stating that all data gained from the attacks from government agencies had been deleted. However, the lack of verifiability has necessitated federal agencies to operate under the assumption that stolen data could be misused or fall into the hands of foreign governments.
The RFJ programme aims to thwart further attacks by encouraging individuals, including potential insider threat actors, to submit valuable information about the Clop operation in exchange for a significant financial reward. To facilitate the process of tipping, the State Department has established a dedicated Tor SecureDrop server for the safe and secure submission of information about Clop and other cyber threat actors. It is hoped that this new development in the fight against cyber crime will generate valuable leads and help curb the activities of the Clop ransomware group, whose actions have been causing significant disruption and concern worldwide.
Many Cyber Security specialist however have called into question the effectiveness of such programs in capturing cyber criminal groups or causing disruption to further Cyber Attacks. At One2Call we work with businesses across the UK to ensure that, regardless of where they come from, they are always protected from the latest cyber threats. We work to; understand your business, how you opporate, who has access to what and much more besides. We can help you put the best practices, policies and solution in place that will protect your business and its data from attack, now and into the future, through solution such as;