Euro Security Watch with Mathew J. Schwartz

Cyberwarfare / Nation-State Attacks , DDoS Protection , Email Security & Protection

Free Cybersecurity Tools Offered to Hospitals and Utilities

Critical Infrastructure Defense Project From Cloudflare, CrowdStrike, Ping Identity
Free Cybersecurity Tools Offered to Hospitals and Utilities

As Russia's invasion of Ukraine continues, Western cybersecurity officials say the risk of spillover or direct cyberattacks remains high.

See Also: When Every Identity is at Risk, Where Do You Begin?

To help protect some of the most vital providers of critical infrastructure, three cybersecurity firms have announced that they will be offering free cybersecurity services to the healthcare sector and the water and power industries. Cloudflare, CrowdStrike and Ping Identity say their initiative, dubbed the Critical Infrastructure Defense Project, will run for at least the next four months.

What's on offer? "Eligible organizations will have access to the full suite of Cloudflare zero trust solutions, endpoint protection and intelligence services from CrowdStrike and zero trust identity solutions from Ping Identity," the firms say.

Collectively, that includes endpoint protection, single sign-on, threat intelligence and other capabilities, including defenses against distributed denial-of-service, phishing, ransomware and other malware attacks, as well as the ability to help spot attackers moving laterally inside networks, to better find and eject them before serious damage can be done (see: Cyber Agencies Warn: Ransomware Attacks Are Worse Than Ever).

The initiative includes a step-by-step road map detailing which capabilities organizations should implement, and in which order, to most rapidly improve their defensive posture.

Excerpt from the checklist provided by the Critical Infrastructure Defense Project

'Public Service Initiative'

Kudos to the firms for stepping up to help protect some of the at-risk infrastructure organizations on which we collectively most rely.

"This is first and foremost a public service initiative to secure the endpoints and data of some of the most important critical infrastructure entities in the country," says George Kurtz, CEO of CrowdStrike. "We are in a position to help and we want to do all we can."

"We rely on our infrastructure to power our homes, to provide access to water and basic necessities, and to maintain critical access to healthcare. That's why it's more important than ever for the security industry to band together and ensure that our most critical industries are protected and prepared," says Matthew Prince, CEO of Cloudflare.

Stopping online attacks often comes down to having not necessarily world-class defenses, but just good enough ones. Time and again, incident responders say, ransomware-wielding attackers and other criminals are continuing to gain access to companies that have not locked down remote desktop protocol or that have failed to implement multifactor authentication, among other well-known but too often not implemented, safeguards.

"With heightened targeting risk on our critical infrastructure, strong identity security is more important than ever," says Andre Durand, CEO of Ping Identity.

Focus on Business Resiliency

The healthcare sector continues to be especially hard-hit by ransomware groups, despite whatever claims such criminals might make about sparing hospitals (see: Secrets and Lies: The Games Ransomware Attackers Play).

To help, the White House last year announced a multipronged strategy, including more spending and coordination to help law enforcement and intelligence agencies disrupt criminal syndicates - and many allies have been doing the same.

Just as importantly, the Biden administration has been emphasizing business resiliency and urging organizations to improve their defenses to better protect themselves against falling victim.

In addition, Western governments have been pursuing diplomacy to try and eliminate safe havens for criminals. Given that many criminals work from Russia, however, and the current state of relations between Moscow and the West, this particular strategy is already hitting some roadblocks.

But cybersecurity experts have long been clear: To battle ransomware and other online attacks, governments alone cannot solve the problem. The private sector is instrumental. Literally, it is building the tools businesses must use to defend themselves. It is also providing expertise, not least via partnerships and intelligence sharing with cybersecurity agencies such as the U.S. Cybersecurity and Infrastructure Security Agency.

Potential Fallout From War

Again, it's laudable that three cybersecurity firms are stepping up to offer free help to the most vulnerable organizations. Ideally, all organizations in these sectors will be reviewing the offer to see if it might better what they now have in place.

As Russia's war in Ukraine continues, so far Russian President Vladimir Putin doesn't seem to have ordered cyberattacks against the country that have spread globally or opted for a more scorched-earth policy of directly targeting Western organizations and infrastructure. But Western government officials say those risks remain high as the invasion continues; the cybersecurity situation might quickly spiral out of control (see: Why Hasn't Russia Launched a Major Cyberattack on Ukraine?).

A fresh complication is that some ransomware groups, such as Conti, have publicly endorsed Russia's war of choice in Ukraine and threatened to target anyone who seeks to undermine Putin.

Security experts have long said running a cybercrime empire from inside Russia requires obeying two rules: Never attack Russia or its allies, and sometimes do favors for law enforcement or intelligence agencies. As Russia appears to be encountering unexpected resistance and logistical challenges, all options seem to remain on the table, including favors being called in of cybercrime gangs to act as a proxy force.

More than ever, the impetus remains to not fall victim to such attacks. As always, preparation pays - especially when what's on offer is free.



About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.