The United States is committed to holding accountable those who deploy ransomware against American interests and those of its allies.
To support its commitment to countering ransomware [and cyber incidents], the State Department is offering a reward of up to $10,000,000 for information leading to the identification or location of any individual holding a leadership position in the Sodinokibi ransomware transnational organized crime group. In addition, the Department is offering a reward of up to $5,000,000 for information leading to the arrest and/or conviction in any country of any individual conspiring to participate in or attempting to participate in a Sodinokibi ransomware incident.
The Sodinokibi ransomware group, also known as REvil, was responsible for the ransomware incident that affected JBS Foods, a provider of agricultural products primarily to Australia and the United States, which caused a major disruption in food processing and delivery. Sodinokibi also compromised Kaseya, an IT management company that provides network, application, and infrastructure services to thousands of small businesses and managed service providers. The incident not only impacted Kaseya’s operations, but also those of its clients around the world.
This reward is offered under the Department of State’s Transnational Organized Crime Rewards Program. The Department manages the program in close coordination with its federal law enforcement partners to disrupt and dismantle transnational organized crime globally, including cybercrime.
More than 75 transnational criminals and major narcotics traffickers have been brought to justice under the Transnational Organized Crime Rewards Program and the Narcotics Rewards Program since 1986. The Department has paid more than $135 million in rewards to date.
“The United States remains committed to protecting all ransomware victims around the world from the exploitation of cyber criminals,” said State Department spokesperson Ned Price, “and we look to nations who harbor ransomware criminals to bring justice for businesses and organizations victimized by ransomware incidents.”