US State Department Launches Huge Cryptocurrency Reward for Dark Web Informants for Information on Hackers Who Conducted Cyberattacks on US

When hackers and cybersecurity experts arrived in Las Vegas last week for the prestigious cybersecurity conference Black Hat, they may have noticed an open Wi-Fi network called "#Rewardsnotransoms. It's not the kind of network that's usually unprotected, but in this case, that's the point. By logging in or scanning QR codes on T-shirts and flyers also distributed on the conference floor, attendees will be taken to a page on a new State Department program that offers up to $10 million to dark web informants with a government-backed background in hacking.

Las Vegas is pushing the information to such a targeted online audience because for the first time in the nearly four decades of the Rewards for Justice program, informants can choose to receive payments in cryptocurrency and send sensitive information to the U.S. government through a secure portal on the dark web. The State Department's quiet announcement last month came amid a series of other actions by the Biden administration to strengthen the country's cybersecurity.

In an acceptance speech, a State Department official said, "There's a lot of enthusiasm in our program because we're really doing everything we can to try to reach audiences, sources and people who might have information that could help improve our national security. "It's also the first time ever that this may be edgy for some government agencies, but we're going to continue to move forward in many different ways."

In the past few months, the Biden administration has accused Russian-hired hackers of breaking into multiple government agencies and departments in the U.S. The goal of RFJ's new reward is to extract useful information from the types of hackers who may know people involved in such operations. State-sponsored attackers targeting protected computers, such as those used by the U.S. government, financial services and various infrastructure sectors, are the RFJ's targets.

Something that allows complete anonymity and an initial level of security on the dark web might be more appropriate for these individuals," another State Department official said. The State Department declined to put the official's comments on the record, so I think just finding out where they are and getting in touch with them using the technology they are most comfortable with is the name of the game for Rewards for Justice."

The new cryptocurrency reward offer comes from a program typically associated with rewarding terrorists, which says up to $10 million can be paid to identify or locate state-sponsored hackers who attack U.S. government systems and critical infrastructure such as water, electricity or transportation. (The highest reward ever offered by RFJ was $25 million for the possibly dead al-Qaida leader Ayman al-Zawahiri.)

The State Department says the recent spate of cyberattacks and the Biden administration's verbal response to them are not what is driving the new cryptocurrency rewards. Rather, the government's growing focus on national cybersecurity was a fortuitous time for RFJ to launch. "We've been working on this for a long time, and it coincided with a very good time for us to manage to get it launched, because critical infrastructure and ransomware are at the top of the news for attacks, so to speak, which is a major concern for the U.S. government." said the first official from the Diplomatic Security Service, which oversees RFJ.

Dark Web tips

RFJ's dark web sites can be accessed using Tor, the most commonly used browser for the dark web, a hidden part of the Internet that is invisible to regular search engines. Using Tor to access the dark web allows users to remain anonymous. Officials said tips about malicious Web actors have surfaced in the weeks since the site was launched. Because of the sensitivity of the information and the source, they declined to say how many or describe them, adding that it's too early to say whether they will lead to anything. "It's not a quick process. We're taking cues. We're evaluating the tips. We're going to share those cues with our interagency partners. And then they have to use that information and reach out and start investigating." One official said. "It's a long-term process."

The U.S. government has used it successfully to receive needed information on the dark web. in 2019, the CIA launched its own Onion website - known on the Tor network - for recruiting and receiving tips, recognizing that it needs to be present in areas where people feel more secure.

A U.S. official told CNN that in the two years since the site was launched, the CIA has received a variety of tips, including terrorist plots.

The official said, "The CIA has received validated information on terrorist networks and attack plans, intelligence issues, cyber and technology issues, and crime, among other areas." The information received can then be confirmed with existing intelligence data or can be used to further validate intelligence already obtained.

Now, the State Department is working to become a central clearinghouse for information that people are trying to reach the U.S. government. State Department officials say RFJ's global visibility around the world and in the field, in dozens of different languages, has helped solidify its position as "an interlocutor for information to our national security partners."

"I think in the coming months and years we will develop such an efficient and successful process that our partners at the National Security Council will see us as one of the most effective and reliable ways to get information about the national security threats they are trying to thwart." Another official said.

Congress authorized RFJ to issue awards on cyberattacks in 2017, and they have since issued two specific awards related to North Korean cybercrime and foreign cyber election meddling. The new rewards apply only to state-sponsored actors, and therefore do not apply to criminal hackers who recently shut down gas pipelines and food processing plants as a result of major attacks. Cryptocurrency payments reflect the changing times and join the list of different types of payments that can be made.

Suitcases full of cash

"We offer wire transfers, we can actually still deliver - and do deliver - suitcases filled with cash, and we can offer physical rewards," the diplomatic security official said. Recipients will now be able to choose whatever cryptocurrency they prefer. Typically, a second official said, it's not even about the money. The official said, "A disproportionate number of our sources may not even be the ones paid by RFJ, but may still result in positive national security outcomes for our partners."

Bill Evanina, CEO of the Evanina Group, said the State Department's attempt at cryptocurrency is undoubtedly the most public the U.S. government has ever made, but it has been used before. He spent three decades with the FBI and CIA, retiring this year as director of the National Counterintelligence and Security Center.

"My knowledge of this is more in the super-secret area." Evonne said, but declined to say more. The Office of the Director of National Intelligence, the National Security Agency, the Central Intelligence Agency and the FBI all declined to comment on how the intelligence community and law enforcement use cryptocurrencies. "It's inconceivable that the government is not using cryptocurrency to pay undercover informants or sources." said Erez Liebermann, a former Justice Department cybercrime prosecutor.

Money is still king

The mainstream effect of the government openly using cryptocurrencies for payments is good news for cryptocurrency advocates. "We've long suspected that law enforcement agencies are exploiting the properties of cryptocurrencies," said Neeraj Agrawal of the Coin Center, a Washington think tank that advocates for cryptocurrencies. "It's good to see the government recognizing the role cryptocurrencies can play in promoting radicalism."

Experts who analyze and deal with malicious cyber actors say it remains to be seen whether the potential windfall of millions will resonate with those inclined to provide information to sophisticated hackers employed by powerful countries such as Russia. They may fear a crackdown by the countries they work for or have concerns about the U.S. government's ability to track payments.

"They say there's no honor among thieves. I think you're still going to get good leads." Chris Pant, who is the State Department's first senior cyber diplomat and co-chair of the Ransomware Working Group, which is made up of public and private sector groups, said. "If [informants] can do this anonymously and get paid anonymously, even if they're quasi-state-funded, they'll probably do it. Because money is still king."

Despite the perception that cryptocurrency is safe, the Biden administration has made it clear that tracking it is a top priority in the fight against ransomware. The FBI recently recovered more than $2 million in bitcoin that they say came from ransom payments to the DarkSide group Colonial Pipeline, whose attacks led to the shutdown of key East Coast pipelines in May.

More Reward Offers Coming

"Will potential informants believe their anonymity will be protected?" Emsisoft threat analyst Brett Callow asked. "Any potential informant is also a cybercriminal and can only snitch if they are confident they can be safe." Still, Painter and Cameron Burks, former chief of staff of the Diplomatic Security Service, both say the simple fact that something new is being tried should be celebrated. "

I've always felt the RFJ program could have done more." Burks said, "And this initiative, I think, really shows a commitment to forward-looking innovation in going after the bad guys, and I think that's going to pay dividends. I'm very proud to see it." "I'm really surprised," Burks added, "by the administration's efforts to try to do something as forward-looking as this."

State Department officials said they expect to offer more incentives on cybersecurity "soon" and that the use of cryptocurrencies is expected to expand. "The program is evolving." One official said. "I think this cryptocurrency proposal is something that we will use for other types of rewards in the future. It could encourage other types of sources to come to us with information that they may not have been willing to come to us with before."