Free cybersecurity tools offered to hospitals and public services

Cyberwar / Nation-state attacks, DDoS protection, Email security and protection

Cloudflare Critical Infrastructure Defense Project, CrowdStrike, Ping Identity

Mathew J. Schwartz (euroinfosec) •
March 8, 2022

As Russia’s invasion of Ukraine continues, Western cybersecurity officials say the risk of spillover or direct cyberattacks remains high.

See also: Cyber ​​Threat Survival Guide: How to Prepare for Future Threats

To help protect some of the most vital critical infrastructure providers, three cybersecurity firms have announced that they will offer free cybersecurity services to the healthcare sector and the water and electricity industries. Cloudflare, CrowdStrike and Ping Identity say their initiative, dubbed the Critical Infrastructure Defense Project, will last at least the next four months.

“It is more important than ever for the security industry to come together and ensure our most critical industries are protected and prepared.”

What’s on offer? “Eligible organizations will have access to Cloudflare’s full suite of Zero Trust solutions, CrowdStrike’s endpoint protection and intelligence services, and Ping Identity’s Zero Trust identity solutions,” the companies said.

Collectively, this includes endpoint protection, single sign-on, threat intelligence, and other features, including defenses against distributed denial-of-service attacks, phishing, ransomware, and other malware, as well as the ability to help spot attackers moving laterally within networks, to better find and eject them before serious damage can be done (see: Warning from cyber agencies: ransomware attacks are worse than ever).

The initiative includes a step-by-step roadmap detailing which capabilities organizations should implement, and in what order, to improve their defensive posture the fastest.

Excerpt from the checklist provided by the Critical Infrastructure Defense Project

“Public Service Initiative”

Kudos to the companies that have stepped up to help protect some of the at-risk infrastructure organizations that we collectively rely on most.

“This is first and foremost a public service initiative to secure the endpoints and data of some of the nation’s most important critical infrastructure entities,” said George Kurtz, CEO of CrowdStrike. “We are in a position to help and we want to do everything we can.”

“We rely on our infrastructure to power our homes, provide access to water and basic necessities, and maintain critical access to healthcare. That’s why it’s more important than ever for industry to security unite and ensure our most critical industries are protected and prepared,” said Matthew Prince, CEO of Cloudflare.

Stopping online attacks often comes down to not necessarily having world-class defenses, just good enough. Time and time again, incident responders say, ransomware-wielding attackers and other criminals continue to gain access to companies that have not locked down the remote desktop protocol or failed to implement multi-factor authentication, among other well-known but too often not implemented, guarantees.

“With increased targeting risk on our critical infrastructure, strong identity security is more important than ever,” said André Durand, CEO of Ping Identity.

Focus on business resilience

The healthcare industry continues to be particularly hard hit by ransomware groups, despite claims that these criminals might make to spare hospitals (see: Secrets and Lies: The Games Ransomware Hackers Play).

To help, the White House announced a multi-pronged strategy last year, including more spending and coordination to help law enforcement and intelligence agencies disrupt criminal syndicates — and many allies have done so. likewise.

Equally important, the Biden administration has emphasized business resilience and urged organizations to improve their defenses to better protect against victims.

Additionally, Western governments have pursued diplomacy to try to eliminate havens for criminals. However, given that many criminals work from Russia and the current state of relations between Moscow and the West, this particular strategy is already running into some obstacles.

But cybersecurity experts have long been clear: to fight ransomware and other online attacks, governments cannot solve the problem alone. The private sector is instrumental. Literally, it’s about building the tools companies need to use to defend themselves. It also provides its expertise, including through partnerships and intelligence sharing with cybersecurity agencies such as the US Cybersecurity and Infrastructure Security Agency.

Potential fallout from the war

Again, it’s commendable that three cybersecurity companies are stepping up to offer free help to the most vulnerable organizations. Ideally, all organizations in these sectors will review the offer to see if it could improve on what they currently have in place.

As Russia’s war in Ukraine continues, so far Russian President Vladimir Putin does not appear to have ordered cyberattacks against the country that have spread globally or opted for a scorched earth policy. directly targeting Western organizations and infrastructure. But Western government officials say those risks remain high as the invasion continues; the cybersecurity situation could quickly spiral out of control (see: Why didn’t Russia launch a major cyberattack on Ukraine?).

A new complication is that some ransomware groups, such as Conti, have publicly endorsed Russia’s war of choice in Ukraine and threatened to target anyone who seeks to undermine Putin.

Security experts have long said that running a cybercrime empire from inside Russia requires following two rules: never attack Russia or its allies, and sometimes do law enforcement a favor. or intelligence agencies. As Russia appears to encounter unexpected resistance and logistical challenges, all options appear to remain on the table, including appealing to cybercrime gangs to act as a proxy force.

More than ever, the impetus remains to not fall victim to such attacks. As always, preparation pays – especially when what’s on offer is free.

Comments are closed.