The U.S. Department of State is offering a $10 million reward to find anyone in a "key leadership position" in the group behind a ransomware attack that disrupted operations of one of the largest suppliers of fuel in the U.S. earlier this year, the agency announced Thursday. Ransomware attacks — in which hackers lock up and encrypt data and demand often-exorbitant sums to release it to victims — have exploded in the last year.
Colonial Pipeline, which supplies roughly half the fuel consumed on the East Coast, paid more than $4 million after a May attack that led it to halt operations, though the Justice Department clawed the majority of it back after identifying the virtual currency wallet of the culprits.
Though the FBI has historically discouraged ransomware payments for fear of encouraging cyberattacks, Colonial officials have previously said they saw the transaction as necessary to resume the vital fuel transport business as rapidly as possible.
The State Department said Thursday the $10 million reward is "for information leading to the identification or location of any individual(s) who hold(s) a key leadership position in the DarkSide ransomware variant transnational organized crime group," the agency said in a press release.
Another $5 million is being offered for information leading to the arrest and/or conviction of anyone conspiring or attempting to take part in an effort to use the DarkSide variant. That reward is good if the arrest and/or conviction happens in any country.
Deputy Attorney General Lisa Monaco, the No. 2 official at the Justice Department, said that “in the days and weeks to come, you’re going to see more arrests," more seizures of ransom payments to hackers and additional law enforcement operations in general.
“If you come for us, we’re going to come for you,” Monaco said in an interview with the AP this week. She declined to offer specifics about who in particular might face prosecution.
Ransomware attacks have flourished even as the federal government grapples with more old-fashioned, albeit sophisticated, cyber espionage. The Justice Department was among the agencies hit hard by the SolarWinds breach, in which Russian government hackers exploited a supply chain vulnerability to gain access to the networks of federal departments and private companies.
JBS, the world's largest meat processor, said in June that it had paid $11 million following a hack by a Russian group known as REvil, which weeks later carried out a massive ransomware attack that snarled businesses around the world.
The rewards are offered under the state department's Transnational Organized Crime Rewards Program, the State Department said.
Correction: An earlier version of this story said the reward came from the Justice Department, not the State Department.