The State Department’s program offering rewards of up to $10 million for tips leading to the apprehension of cybercriminals is paying off, FBI Assistant Director for Cyber Bryan Vorndran said Wednesday.
“Recently the US government has also started to leverage something that was traditionally used in counterterrorism, Rewards for Justice,” Vorndran said. “It’s essentially incentivizing individuals who have intimate knowledge of a criminal conspiracy, whether nation-state or not, to report to the U.S. government. … That has actually born fruit at this point.”
The FBI declined to elaborate on Vorndran’s comment, which he made at the Billington Cybersecurity Summit in Washington on Wednesday afternoon. State also declined to comment and has a blanket policy forbidding confirmation of such payouts, a spokesperson said.
FBI’s cyber division began participating in Rewards for Justice in August 2020.
On the program website, State lists six Russian intelligence operatives who officials have blamed for the responsible for the infamous 2017 NotPetya attack and several members of the Conti ransomware gang. Anyone can submit tips through secure channels such as Signal, Telegram or via Tor.
Last month, Conti landed on the RFJ site for the first time. As of January, there have been more than 1,000 reported victims of Conti-linked attacks who have paid more than $150 million in ransoms, according to the FBI.
Rewards for Justice can have a paralyzing effect on cybercrime gangs even if no one is arrested, said Brett Callow, a threat analyst at the cybersecurity firm Emsisoft. Including Conti on the RFJ index is “going to create fear and paranoia and make it much harder for them to collaborate,” he said.
Another threat analyst, Allan Liska of Recorded Future, said he wouldn’t be surprised at all to learn that Conti members have been nabbed thanks to RFJ. “$10 million is a lot of money and Conti is really unpopular,” Liska said by text message.
The FBI and State are seeking information on Conti associates known as “Tramp,” “Dandis,” “Professor,” “Reshaev” and “Target.” A previous reward offer, announced May 6, promised $10 million for information leading to the identification and/or location of people who held “a key leadership position” in Conti.
During March congressional testimony, Vorndran highlighted the RFJ program, telling members that in November the FBI listed alleged Iranian hackers Seyyed Mohammad Hosein Musa Kazemi and Sajjad Kashian on RFJ.
Kazemi and Kashian have been charged with computer fraud, voter intimidation and transmission of interstate threats as part of a campaign that allegedly ran from August through November of 2020. The two are accused of posing as members of the Proud Boys, a right-wing nationalist hate group, and demanding that voters support former President Trump.