US Offers $10 Million Bounty For DarkSide Ransomware Operators

wiredmikey shares a report from SecurityWeek: The U.S. government wants to find the people responsible for the Colonial Pipeline ransomware attack (and many others) and it's putting up multi-million rewards for data on the operators behind the DarkSide extortion campaign. The Department of State on Thursday offered up to $10 million for information leading to the identification or location of senior members of the DarkSide gang that caused major gas disruptions earlier this year. In addition, the U.S. State Department is offering a reward of up to $5 million for information leading to the arrest and/or conviction in any country "of any individual conspiring to participate in or attempting to participate in a DarkSide variant ransomware incident." "In offering this reward, the United States demonstrates its commitment to protecting ransomware victims around the world from exploitation by cyber criminals," it added. "The United States looks to nations who harbor ransomware criminals that are willing to bring justice for those victim businesses and organizations affected by ransomware."

too bad we can't spend that much on security

[drinkypoo]

Instead of paying ransoms for these guys, how about spending that money on security? Specifically, on programs to mandate that utilities actually implement some, and fining them when they don't? Nobody should be permitted to run a utility in such a slipshod manner, because we depend on them for our society to function.

Re:

[Paradise Pete]

Instead of paying ransoms for these guys, how about spending that money on security?

Why instead? Why not both?

Re:too bad we can't spend that much on security

[drinkypoo]

It encourages schemes, and the ROI is poor. Paying a bounty for one attacker does nothing to protect from the next attacker. It's a waste of money.

Re:

[cascadingstylesheet]

It encourages schemes, and the ROI is poor. Paying a bounty for one attacker does nothing to protect from the next attacker. It's a waste of money.

Meh, it's a balance.

You seriously don't think that bounty hunters discourage crime?

Re:

[drinkypoo]

You seriously don't think that bounty hunters discourage crime?

Not even slightly. Most people who commit crimes don't think they will get caught because they're so much smarter than everyone who did. Most of the rest are desperate enough to go for it even if they know the risks.

Re:

[PPH]

Law enforcement isn't necessarily about ROI. We spend what it takes to bring criminals to justice. You can't escape by demonstrating a negative cost/benefit analysis to the police.

And it does discourage subsequent sane attackers. So that leaves the crazy ones. The sort who will risk death to commit minor crimes by evading a traffic ticket for example. Or those who are acting in a military or intelligence capacity where cost/benefit is also not a factor to the individuals involved. Definitely a possibility

Re:

[drinkypoo]

Law enforcement isn't necessarily about ROI. We spend what it takes to bring criminals to justice.

Nonsense. It's all about ROI. Law enforcement spends much of its time in purely revenue-generating schemes.

You can't escape by demonstrating a negative cost/benefit analysis to the police.

Who can't escape what? Lots of people "escape" prosecution because it's not considered worth going after them. For example, the rich, for tax fraud.

And it does discourage subsequent sane attackers. So that leaves the crazy ones.

Is thinking you won't get caught crazy? Because lots of criminals are not caught.

10M will upgrade like 2-3 plants with newer hardwa

[Joe_Dragon]

10M will upgrade like 2-3 plants with newer hardware so they can get off of older os's?

Re:

[drinkypoo]

Utility companies tend to have plenty of money to spend on upgrades, they only don't because that would interfere with profits, not because they literally can't afford it. They know that if they fail they will get bailed out one way or another, most importantly in a way that won't affect the executives' golden parachutes.

Easy money

[lhaeh]

So, if you are with DarkSide, just find some wannabe hacker you don't like, backdoor them, and plant some stuff. Turn them in for the reward, done.

  They will have a bunch of sketchy stuff on their computer already, so not much of a stretch. Just add some chat logs, change the last modified dates, stuff like that.

As a bonus, you get immunity.

Just some signaling?

[Klaxton]

My guess is that they will find out what we already know, these people are in Russia and they can't be extradited. But I suppose an identification could at least prevent them from traveling, and possibly allow for the tracking of their money.

Re:

[LostMyAccount]

It could be signaling that by putting dollars on the barrelhead we're taking this seriously enough that we're now actually bounty *hunting* some of these people with paramilitary and direct action assets.

Criminal trials and prison sentences are better, but plausible deniability assassinations that look like local gang/mob rivalries aren't bad, either.

The Russian-based actors are much harder to deal with, but I'd wager some of the actors would rather not seek haven Russia if it means being co-opted by state

Hold up!

[Gravis Zero]

How much are DarkSide ransomware operators offering for me to not turn them in? ;)

And then I'll turn them in anyway and collect $$$ twice :D

Does anyone actually get paid the reward?

[innocent_white_lamb]

Genuine question: Does anyone actually end up collecting rewards of this type from the US government? "Up to ten million dollars" leaves enough wiggle room for the amount actually paid to be 95 cents; that's less than ten million dollars.

When the chips are down, does the US government use loopholes and ambiguities to avoid actually paying rewards?

Get serious

[argStyopa]

make it "dead or alive".

Simple Solution

[JKanoock]

Just remove their ability to get paid, FFS, problem solved.

NSA

[bill_mcgonigle]

With NSA's budget these guys still stayed private?

Perfect opsec or NSA inability?

Re:

[IonOtter]

Nah. They know exactly who it is and where they are.

The problem is they can't actually do anything with that information, because then the Russian government will know they've got leaks, and will promptly plug them up.

No, this is espionage theater.

If they put out a large enough bounty, it's reasonable to presume that someone in the group will start to get nervous, or greedy, and will defect to either seek immunity, or profit. But even if they're all fanatically loyal, simply introducing the possibility of

People responsible for ransomware

[takionya]

“The U.S. government wants to find the people responsible for the Colonial Pipeline ransomware”

That would be this bunch of shysters and shakedown artists known as Microsoft [headquartersinfo.com]:

"Microsoft, as everyone knows, started as a small business in a garage, but the business didn’t stay small.

Because his school gave billg free time on the PDF to develop BASIC and his mother know someone on the IBM board that gave billg the contract for PC-DOS. and billgs lawyer dad got IBM to allow Microsoft t