The State Department is offering a reward of up to $10 million for information that would link the CL0P Ransomware Gang or any other malicious cyber actors targeting U.S. critical infrastructure to a foreign government.
The State Department is offering the payout through its Rewards for Justice (RFJ) program, originally established in 1984 to combat terrorist threats.
In a tweet, RFJ said it is looking “for information on the identification or location of any person who, while acting at the direction or under the control of a foreign government, participates in malicious cyber activities against U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act.”
The tweet encouraged individuals to send their information to RFJ on Signal, Telegram, WhatsApp, or via its Tor-based tip line.
The offer comes after the Cybersecurity and Infrastructure Security Agency (CISA) confirmed earlier this month that a cyberattack impacted several Federal agencies who saw intrusions affecting their MOVEit applications.
CISA and the FBI published a joint cybersecurity advisory on June 7, warning that cyber threat actors could exploit a vulnerability to steal data from Progress Software’s managed file transfer solution, known as MOVEit. The agencies tied exploitation of the vulnerability to the CL0P Ransomware Gang.
CISA Director Jen Easterly told reporters on June 15 that CISA is “not tracking any significant impacts to the Federal civilian executive branch (.gov) enterprise,” and is continuing to work with Progress Software, the FBI, and Federal partners on this issue.