Security Experts:

Connect with us

Hi, what are you looking for?



U.S. Security Vendors Launch Critical Infrastructure Defense Project

Amid rising Russia tensions, CloudflareCrowdStrike and Ping Identity offer free security for Critical National Infrastructure operators

Amid rising Russia tensions, CloudflareCrowdStrike and Ping Identity offer free security for Critical National Infrastructure operators

Government warnings of heightened cyber risk to U.S. organizations as a by-product of the war in Ukraine are almost a daily occurrence. The government considers increased cyber activity aimed at U.S. and NATO organizations ‒ and particularly critical infrastructure organizations ‒ to be a serious threat.

CISA has a ‘Shields Up’ page that states, “While there are no specific or credible cyber threats to the U.S. homeland at this time, Russia’s unprovoked attack on Ukraine, which has involved cyber-attacks on Ukrainian government and critical infrastructure organizations, may impact organizations both within and beyond the region. Every organization—large and small—must be prepared to respond to disruptive cyber activity.”

You can see SecurityWeek’s take on how and why cyber threats could escalate from Ukraine into a formal or informal cyberwar here: Russia-Ukraine: Threat of Local Cyber Operations Escalating Into Global Cyberwar. Failing the rapid withdrawal of Russian troops from Ukraine, which doesn’t seem likely, it is difficult to see anything other than increased cyber activity aimed against the U.S. and its allies. 

This could be either or both cyber operations from Russia’s elite government sponsored groups in retaliation for sanctions, or simple cyberattacks from individuals and criminal gangs wishing to support Russia. It is worth noting that Putin has already described sanctions as ‘akin to a declaration of war.’

It is to be hoped that American industry, and especially the CNI, is already well-prepared. Experience suggests that many organizations are not. In such cases, rapid improvements to the basics are necessary. This includes ensuring staff awareness and patching any systems that are known to be unpatched. These can be achieved without new or improved security controls.

Other basics, however, require additional support from third party products (for this particular crisis, it is probably too late to consider in-house developed solutions). The basics that need to be immediately bolstered include DDoS defense, access control, and endpoint protection.

Three major security vendors, Cloudflare, CrowdStrike and Ping Identity, have now come together in what they call a new Critical Infrastructure Defense Project, offering free services and support for four months.

These three companies combine to offer the most urgent basic security. Cloudflare provides web traffic filtering and DDoS protection; CrowdStrike prevents malicious activity against endpoints, cloud workloads, identity, and data; and Ping Identity offers advanced user authentication processes.

Eligibility for these free offerings is one limitation. SecurityWeek was told, “This program is designed to help U.S. critical infrastructure that has been identified as particularly vulnerable to cyberattack. In particular, this includes energy and water utilities of all sizes, from towns and municipalities to regional or national providers. Likewise, all public and private hospitals and hospital systems of all sizes will be eligible.”

What happens after the free four months should also be considered. Here SecurityWeek was told, “Cloudflare, CrowdStrike and Ping will continue to monitor the threat landscape closely and remain in constant contact with key cyber officials across the government to determine if the scope needs to be modified.”

The offer is an opportunity for eligible organizations within the CNI who are concerned about their existing basic security to obtain good security, quickly and freely. They will just need to make sure this isn’t simply a marketing exercise to get organizations to try the vendors’ products, and to be sure they have an exit strategy if they decide they don’t wish to start paying for the products at the end of the free period.

Related: Russia, Ukraine and the Danger of a Global Cyberwar

Related: Russia-Ukraine: Threat of Local Cyber Ops Escalating Into Global Cyberwar

Related: Russia vs Ukraine – The War in Cyberspace

Related: NSA Publishes Best Practices for Improving Network Defenses

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet


Iranian APT Moses Staff is leaking data stolen from Saudi Arabia government ministries under the recently created Abraham's Ax persona


The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...


Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...


A newly identified threat actor tracked as NewsPenguin has been targeting military organizations in Pakistan with sophisticated malware.