US Offers $10M Bounty on Russian Cyber Spies Targeting Critical Infrastructure

In a significant escalation in its fight against foreign cyber threats, the U.S. State Department has announced a reward of up to $10 million for information leading to the identification or location of state-sponsored Russian hackers targeting American critical infrastructure.

The bounty is being offered through the long-standing "Rewards for Justice" (RFJ) program, a powerful tool typically used to gather intelligence on terrorists. Its application to state-sponsored cybercriminals signals a more aggressive posture from Washington in holding foreign adversaries accountable for malicious cyber activities.

Who Are They Targeting?

The announcement specifically names notorious hacking groups widely believed to be operating under the direction of Russia's intelligence agencies. This includes groups like APT28 (also known as Fancy Bear), which was implicated in the 2016 DNC hack, and other entities known for targeting energy grids, financial systems, and government networks in the U.S. and allied nations.

"Malicious cyber activity targeting U.S. critical infrastructure is a threat to our national security. We will use every tool at our disposal to identify and bring these actors to justice, wherever they may be." — U.S. State Department Spokesperson (Statement)

A Shift in Strategy

Cybersecurity experts see this move as a strategic shift. While indictments and sanctions have been the primary tools against foreign hackers, they are often ineffective as the individuals remain out of reach in their home countries. By offering a substantial financial incentive, the U.S. government hopes to encourage insiders or associates to come forward with actionable intelligence that could help disrupt these operations.

The announcement is a clear warning to cybercriminals and the nations that harbor them, demonstrating that the United States is prepared to use unconventional methods to defend its digital borders and protect its most vital systems.