As Western companies continue to break ties with the Russian State (as an extension of the sanctions imposed on Russia by the U.S. and NATO),  three U.S. cybersecurity companies in the U.S. are addressing the ongoing threat of potential cyber-attacks in the U.S.  by making their platforms available to critical infrastructure entities, including the energy and healthcare sectors.

Crowdstrike (endpoint protection), Ping Identity (two-factor authentication) Cloudflare (DDoS attack protection, amongst other tools) are making their services available for free to high-risk, critical infrastructure such as utilities and hospitals.   As CISA Director Jen Easterly once said:  “Many organizations, both public and private, are target-rich and resource-poor.”  This private-sector initiative complements the efforts made by CISA to collaborate with the private sector by way of the Joint Cyber Defense Collaborative (JCDC) and the Shield’s Up initiative.  CISA has also made tools available for free by way of The CISA Online Resource Hub.

In an announcement in early March, the companies announced that they would make their services available to hospitals to protect against the crisis-level frequency of ransomware attacks directed at health care entities in the U.S., especially by non-state and state actors affiliated with Russia.  Early in the invasion of Ukraine,  the Russian ransomware gang Conti declared its fealty to Russia, which was swiftly met with retaliation by a Ukrainian member of the Conti gang (who released the internal text communications of the Conti gang to the public).

In response to the Russian invasion of Ukraine, national security experts have highlighted the increased risk of cyber attacks and have urged organizations to adopt a heightened cyber security posture. All organizations should be prepared for increasingly frequent and sophisticated attacks with goals that include stealing data, compromising applications, and shutting down networks and devices.

To address this threat, leading Zero Trust cyber security providers have partnered to launch the Critical Infrastructure Defense Project. Our goal is to quickly improve the cyber readiness of vulnerable infrastructure in US critical industries—hospitals, energy utilities, and water utilities—by providing eligible organizations free services and support.

The combination of cyber security capabilities offered by the project enables a robust Zero Trust defense-in-depth approach that can be implemented quickly.

What Next?

Cloudflare is offering 4 free months of these enterprise-level services, plus support, to hospitals, energy utilities, and water utilities:

1. Secure DNS Filtering
2. Secure Web Gateway
3. Zero Trust Access Control
4. Email Protection
5. DNS Infrastructure
6. WAF and DDoS Mitigation

To apply:  Rapidly Improving Cyber Readiness for US Critical Infrastructure | Cloudflare

CrowdStrike is offering 4 free months of these services, plus support, for hospitals, energy utilities, and water utilities:

1. Falcon Endpoint Protection Pro
2. Falcon X Recon

To apply: CrowdStrike Critical Infrastructure Protection

Ping Identity is offering 4 free months of these services, plus support, for hospitals, energy utilities, and water utilities:

1. Single sign-on
2. Multi-factor authentication
3. Risk management
4. Orchestration

To apply:  Critical Infrastructure Defense (pingidentity.com)

For an overview of the project and the initial checklist compiled by the companies for what they describe as “what an organization should do immediately, within the next week, and within the next month to help triage the work, see Critical_Infrastructure_Defense_Project_Guide.pdf.

The initial press release announcing the project can be found at Cloudflare, CrowdStrike, and Ping Identity Join Forces to Strengthen U.S. Cybersecurity in Light Of Increased Cyber Threats.

Further OODA Loop Resources

In the current climate created by the viable threat of a Russian cyberattack on the U.S., if you are preparing your organization or your individual household to mitigate risk please see OODA CTO Bob Gourley’s Guide For Business: Final checks for reducing risks in the face of nation-state cyber-attacks based on White House advisory.  In the post, Bob itemizes OODA recommendations for:

• Large Businesses/Large Federal Government Agencies
• Small To Mid-Sized Businesses/State and Local Governments;  and
• Individuals

OODA is here to help.  OODA members can contact us by replying to any of our emails or using this form.

Preparing for Cyber Attacks: The CISA Online Resource Hub

Guide For Business: Final checks for reducing risks in the face of nation-state cyber-attacks based on White House advisory

CISA, FBI Issue Joint Cybersecurity Advisory for SATCOM Ecosystem Following Viasat Cyberattack

The FBI Cyber Division, NSA, Australian Cyber Security Centre, and the UK’s NCSC Issue Joint CSA on Global Ransomware Activity

CISA Insights Bulletin Urges U.S. Preparation for Data Wiping Attacks

Log4Shell Update from CISA Director Easterly and DHS CISA JCDC Company Updates

C-Suite Guide: Improving Cybersecurity Posture Before Russia Invades Ukraine

CISA Apache Log4j Vulnerability Guidance Webpage Up and Running with Mitigation Guidance from JCDC Partners

A Call to Action from CISA’s Jen Easterly and Def Con’s Jeff Moss at Inaugural CISA Advisory Committee Mtg.

At Black Hat 2021, CISA Director Jen Easterly launches CISA JCDC (Joint Cyber Defense Collaborative)

Stay Informed

It should go without saying that tracking threats are critical to inform your actions. This includes reading our OODA Daily Pulse, which will give you insights into the nature of the threat and risks to business operations.

Related Reading:

Black Swans and Gray Rhinos

Now more than ever, organizations need to apply rigorous thought to business risks and opportunities. In doing so it is useful to understand the concepts embodied in the terms Black Swan and Gray Rhino. See: Potential Future Opportunities, Risks and Mitigation Strategies in the Age of Continuous Crisis

Cybersecurity Sensemaking: Strategic intelligence to inform your decisionmaking

The OODA leadership and analysts have decades of experience in understanding and mitigating cybersecurity threats and apply this real-world practitioner knowledge in our research and reporting. This page on the site is a repository of the best of our actionable research as well as a news stream of our daily reporting on cybersecurity threats and mitigation measures. See: Cybersecurity Sensemaking

Corporate Sensemaking: Establishing an Intelligent Enterprise

OODA’s leadership and analysts have decades of direct experience helping organizations improve their ability to make sense of their current environment and assess the best courses of action for success going forward. This includes helping establish competitive intelligence and corporate intelligence capabilities. Our special series on the Intelligent Enterprise highlights research and reports that can accelerate any organization along its journey to optimized intelligence. See: Corporate Sensemaking

The OODAcast Video and Podcast Series

In 2020, we launched the OODAcast video and podcast series designed to provide you with insightful analysis and intelligence to inform your decision-making process. We do this through a series of expert interviews and topical videos highlighting global technologies such as cybersecurity, AI, and quantum computing along with discussions on global risk and opportunity issues. See: The OODAcast