informa
5 min read
article

Trio of Vendors Offer Free Services to Organizations at Risk of Russian Cyberattacks

CrowdStrike, Cloudflare, and Ping Identity have teamed up with tools and services for the healthcare, power, and water industries as a way to quickly bolster their security on several fronts.

A trio of vendors have teamed up to offer a range of free cybersecurity services to organizations in three US critical infrastructure sectors to help prepare them for potential cyberattacks from Russia.

The Critical Infrastructure Project is a collaborative effort between CrowdStrike, Cloudflare, and Ping Identity. As part of the initiative, the three vendors are providing step-by-step guidance to organizations in water, power utilities, and healthcare sectors on how to quickly implement a multi-layered zero-trust defense for protecting against phishing, malware, and destructive cyberattacks.

The vendors are offering a broad range of their products for free for at least the next four months. This includes technologies like Cloudflare's cloud gateway, DNS filtering, and web application firewall technology; CrowdStrike's Falcon endpoint protection and Falcon X threat monitoring; and Ping Identity's PingOne for detecting suspicious sign-on attempts and its DaVinci identity orchestration service.

"This program is designed to help US critical infrastructure that has been identified as particularly vulnerable to cyberattacks," a CrowdStrike spokeswoman says. "This includes energy and water utilities of all sizes, from towns and municipalities to regional or national providers. Likewise, all public and private hospitals and hospital systems of all sizes will be eligible." There is no seat limit or size cutoff in terms of organization size.

Ukraine Crisis
The immediate impetus for the program is the heightened risk of cyberattacks tied to the Russian invasion of Ukraine, the spokeswoman says. Many security experts have warned about the high likelihood of retaliatory and spillover attacks from Russia-based actors over US-led sanctions against the country.

Andre Durand, CEO and founder of Ping Identity, describes the initiative as an opportunity for the three vendors to come together to help organizations combat new global risks. "Whether it's securing employee identities or enabling customers to provide secure digital experiences, identity security is mission critical for enterprises across the world," he says.

The main focus of the guidance from the three vendors is implementing key security controls at speed. The security features available for free through the initiative are designed to help organization secure distinct risk surfaces and to work with each other to provide a multi-layered defense against cyberattacks, according to the three vendors.

These include secure DNS filtering, single sign-on, multifactor authentication, endpoint protection, secure Web gateways, zero-trust access controls, DNS security, and risk monitoring and management. The program provides organizations with phased milestones for implementing each security control and a checklist of items for hitting those milestones. "All products are designed to be deployed in hours, not days, but the timeline suggested gives organizations a template based on team member availability," according to a description of the program.

For example, the first item on the checklist for organizations is to deploy, within the hour, global DNS filtering as a defense against malware and phishing attacks using Cloudflare's 1.1.1.2 DNS service. The checklist provides for one day to implement more targeted DNS filtering and logging via Cloudflare's Gateway DNS Filter and to strengthen account sign-on for users via Ping Identity's PingOne SSO. The Critical Infrastructure Defense Project guide's implementation targets for the first week include controls against lateral movement and spear-phishing via Cloudflare Access; tools for detecting malware with CrowdStrike's Falcon Endpoint Protection Pro technology; and threat monitoring and tracking with CrowdStrike Falcon X Recon.

Echoes of Previous Security Freebie Efforts
Tanner Johnson, an analyst at Omdia, says that initiatives like this are extremely helpful, and offer substantive opportunities for organizations to benefit. "A great deal of the complications we face in the cybersecurity domain simply stem from a reactionary cultural attitude," Johnson says. "Sadly, the harsh truth is that many organizations fail to plan for cyber threats in any meaningful way, until they are forced to deal with the consequences of one first hand."

So, any initiative that offers guidance on where organizations should begin without overwhelming them with the sheer number of security options has considerable value. "If organizations actively take advantage of such initiatives, they can establish a better understanding of their own security postures, outline their individual attack response plans, while providing greater overall protection for their crown jewels," he says.

This is not the first time that any of the vendors have been involved in such an effort.

At the start of the COVID-19 pandemic, Cloudflare, for instance, offered its Cloudflare for Teams products for free to small businesses around the world. Similarly, the company lent its technology for free to help state and local governments to protect election websites under an effort called the Athenian Project.

In the past, CrowdStrike has offered free services during times of cyber crises as well. One example is a tool that the company made available for free in Dec. 2020 to help organizations identify and mitigate risks in Azure Active Directory after several critical vulnerabilities were discovered in the technology.

And in March 2020, Ping Identity offered its Cloud SSO and multifactor authentication technologies for free for a six-month period for companies struggling to secure their (at the time) new work-from-home workforce.