Security vendors pledge free protection for US hospitals and utilities amid fear of Russian cyberattacks

Concerned that Russia may target US infrastructure, Cloudflare, CrowdStrike, and Ping Identity will offer their products for free to any US hospital or utility for the next few months.

In response to its invasion of Ukraine, Russia has been on the receiving end of severe sanctions from the US and many other nations. But with Putin and the Kremlin unlikely to simply turn the other cheek, fears have arisen that Russia may launch a series of cyberattacks as retaliation over these sanctions. With that in mind, three security companies are offering their products for free to US hospitals and utilities.

In a blog post published Monday, security provider Cloudflare said that it, along with CrowdStrike and Ping Identity, have kicked off an initiative known as the Critical Infrastructure Defense Project. Through this project, the three companies will freely provide their services and support to any US hospital, energy utility or water utility for at least the next four months.

Cyberattacks launched from Russia are a worry during normal circumstances. But with the country being hurt economically by sanctions over its invasion of Ukraine, such worries have intensified. With the US on Russia’s ever-growing list of enemies, there are mounting concerns over potential cyberattacks against critical industries and infrastructure. Experts who consulted with the three security companies were most apprehensive about three sectors on which cyberattacks could prove especially disruptive: hospitals, energy, and water.

SEE: Zero trust security: A cheat sheet (free PDF) (TechRepublic)

In its blog post, Cloudflare emphasized the benefits of a Zero Trust approach to cybersecurity. As ransomware and other types of attacks have intensified over the past few years, organizations have increasingly been urged to adopt this type of strategy to protect their critical data and assets. As described by Cloudflare, Zero Trust offers three key components: 1) Network security; 2) Endpoint security; and 3) Identity.

Cloudflare said that its Zero Trust security provides different services to help organizations make sure that connections are secure from anywhere on the network. CrowdStrike’s security services try to ensure that servers, laptops and mobile phones remain uncompromised. And Ping Identity covers the identity side of Zero Trust with multifactor authentication and other identity-based services.

The three security vendors will work directly with any organization that signs up for the free offerings to get them on board as quickly as possible. Cloudflare promised that supported hospitals and utilities would receive the same level of service as paying customers.

To help supported organizations beef up their security, the three companies have put together a recommended security triage program with a checklist of to-do items (PDF). Cloudflare also said that the Critical Infrastructure Defense Project could expand to more industries and countries depending on how the situation unfolds.