US election hacking and the US Department of State’s rewards of up to $10 million for any information leading to the identification of any person who works with or for a foreign government for the purpose of interfering with US elections through “illegal cyber activities.”
This includes attacks against US election officials, US election infrastructure, voting machines, but also candidates and their staff.
I think it’s a smart move but the outcomes are highly uncertain for the time being. Most of the cybercriminals implicated in grand hacking campaigns will likely keep silent fearing arrest and prosecution for their past sins when communicating their details for payment. Moreover, in light of uncertain and ambiguous conditions of the bounty payment by the government. From the current context, it’s also a bit unclear whether the $10 million is to be apportioned for all of the reports or if it’s a per payment cap.
We will likely get a considerable volume of “false positives” or even fraudulent reports aimed to extort money from the government or frame up a rival. In the future, however, bounty awards for information about cyber criminals may become a formidable weapon of law enforcement. Frequently, technical sophistication, the unpreparedness of victims and crypto-currencies make data breaches technically uninvestigable and provide virtual impunity to cybercriminals. The sole tenable way to identify them is to get a hint from an ex-accomplice or a rival cyber gang. Thus, we may see a gradual growth of such bounty payments by governments in the near future as the last resort to curb the uncontrolled proliferation of cybercrime.