The U.S. State Department has dangled a $10 million reward for information that helps the agency finger anyone working with a foreign government to hack into a federal, state or local election.
In what could be seen as the cyber version of “see something, say something,” the agency is specifically looking for cyber operatives aiming hacking campaigns at “election or campaign infrastructure” that violate the Computer Fraud and Abuse Act. The legislation, which dates to 1986, criminalizes unauthorized computer intrusions and other forms of digital fraud.
Among other offenses, the statute prohibits actions to gain unauthorized network access to obtain information and “transmit it to unauthorized recipients,” the State Department said through its counter terrorism Rewards for Justice program issued last week.
“Foreign adversaries could employ malicious cyber operations targeting election infrastructure, including voter registration databases and voting machines, to impair an election in the United States,” the agency said. “Such adversaries could also conduct malicious cyber operations against U.S. political organizations or campaigns to steal confidential information and then leak that information as part of influence operations to undermine political organizations or candidates.”
The Rewards program, established under the 1984 Act to Combat International Terrorism, has paid out some $150 million to more than 100 people worldwide for information on terrorism and national security-related issues. It is run by the State Department’s Diplomatic Security Service.
Because there’s no shortage of election-related cyber attacks, figure that there’s going to be a good number of people lining up for the reward money with information to share. For example, two months ago, Google’s threat analysis group found evidence that Chinese and Iranian hackers have attempted to bore in on the presidential campaigns of Joseph Biden and President Donald Trump, using email phishing to get a foot in the door.
And, at the beginning of August, an Area 1 report found that most state and local election administrators are inadequately armed to fight off phishing tactics used by hackers intent on breaking into networks. It should be noted that the House has approved $500 million in election security funding for states as part of a $1.3 trillion appropriations package for fiscal 2021.
At the beginning of this year, the Federal Bureau of Investigation said it will notify state officials when a local election has been hit by hackers, a course reversal from a prior closed door policy not to extend notification beyond victims of cyber attacks.