State Department offers $10 million to bring DarkSide ransomware leadership to justice

High-profile ransomware cases like the attack on Colonial Pipeline last year have got the industry’s attention. Today’s columnist, Shaun Bertrand of CBI, offers four tips on how security teams can mitigate ransomware. (Michael M. Santiago/Getty Images)

The Department of State announced a $10 million reward for information leading to the "identification or location" of leaders of the DarkSide ransomware group. A smaller $5 million bounty was placed on "any individual conspiring to participate in or attempting to participate in a DarkSide variant ransomware incident."

DarkSide was an affiliate ransomware program best known for the Colonial Pipeline attack in May, which temporarily shut down the largest fuel distribution network along the East Coast. The program went dark after the attention it received for the attack, later relaunching as BlackMatter. BlackMatter announced it would close operations earlier this week.

"In offering this reward, the United States demonstrates its commitment to protecting ransomware victims around the world from exploitation by cyber criminals [sic]. The United States looks to nations who harbor ransomware criminals that are willing to bring justice for those victim businesses and organizations affected by ransomware," wrote State spokesman Ned Price in a press statement.

The reward will be handled through the State Department's Transnational Organized Crime Rewards Program (TOCRP).

DarkSide's abrupt exit after Colonial Pipeline left many of its affiliates in the lurch, as will this week's exit. Coding error's in both DarkSide and BlackMatter meant that Emsisoft was able to circumvent negotiations and decrypt victim's systems without payment, costing affiliates "tens of millions" of dollars.

"I wonder whether the former Darkside/BlackMatter affiliates who...lost millions and millions of bucks due to the gang's ineptitude, will be tempted by this cash? Hmm," tweeted Emsisoft's Brett Callow, linking to Nicole Perlroth's New York Times story on his firm's BlackMatter decryptor.

Joe Uchill

Joe is a senior reporter at SC Weekly, focused on policy issues. He previously covered cybersecurity for Axios, The Hill and the Christian Science Monitor’s short-lived Passcode website.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.