The US State Department is offering a $10 million bounty for information relating to the notorious ‘BlackCat’ ransomware group that carried out the cyber attack on UnitedHealth.
This bounty comes as part of the State Department’s Rewards for Justice (RFJ) program, administered by the Diplomatic Security Service and offering remuneration for any information “leading to the identification or location of any person” involved in state-sponsored cyber crime.
The ALPHV/BlackCat group is made note of specifically in the bounty announcement, owing to its malicious ransomware as a service activities that compromised critical infrastructure in the US and worldwide.
In February, BlackCat targeted UnitedHealth tech unit subsidiary, Change Healthcare, which plays an important role in US healthcare by processing payments between insurance companies and practitioners.
Over 100 different Change Healthcare applications were impacted in a breach that experts said may have leveraged a vulnerability in remote desktop access software to gain initial access.
This compromised a huge amount of sensitive data, leaving medical records, patient information, and payment details vulnerable.
Many healthcare professionals were left unable to process insurance claims, in turn damaging financial transactions within healthcare settings and impacting patients trying to receive treatment.
UnitedHealth has revealed that it has only just begun to clear a medical claims backlog of over $14 billion as it relaunches its systems in the wake of the attack, which saw it recently restore Change Healthcare’s electron payments platform.
“We continue to make significant progress in restoring the services impacted by this cyberattack,” Andrew Witty, CEO of UnitedHealth Group, said.
“We know this has been an enormous challenge for health care providers and we encourage any in need to contact us.”
BlackCat has already made claims that UnitedHealth paid a $22 million ransom, though there is no evidence to suggest whether or not BlackCat held up its side of the bargain by handing back control of the healthcare provider's systems.
The level of damage done by BlackCat’s attack has now prompted a more proactive response from the US government through the imposition of this large bounty, an increasingly common tactic from US officials in combating criminal activity.
"Since its inception in 1984, RFJ has paid in excess of $250 million to more than 125 people across the globe who provided actionable information that helped resolve threats to U.S. national security,” the State Department said.
