U.S. Taps Industrial and Cyber Firms for Help Amid Warnings of Russian Hacks
The Department of Homeland Security on Wednesday added several industrial and cybersecurity firms to a program aimed at thwarting hacks amid fresh warnings of Russian attempts to disrupt critical infrastructure.
DHS expanded its Joint Cyber Defense Collaborative to include vendors that provide equipment and security for the digital tools used in industrial settings such as power plants, factories and pipelines. Washington and its allies have urged such companies to harden their systems during Russia’s war in Ukraine, including a Wednesday alert from U.S. and allied officials that the bloody conflict could expose organizations to international cyber spillover.
The voluntary DHS initiative, organized by the Cybersecurity and Infrastructure Security Agency, aims to share information about threats between the public and private sectors. That could prove useful for industrial firms that analyze their own systems but lack visibility into other companies that may use similar equipment, said Kurt John, chief cybersecurity officer for industrial conglomerate
Siemens
USA.
“Adding an additional layer of context through this collaborative will probably increase the value of the data that we’re already processing internally,” said Mr. John, whose firm provides equipment used in the energy sector, mail delivery and airport baggage handling, among other industries.
Mr. John hopes to exchange information about hacking tactics, such as indicators of compromise and specific internet-protocol addresses that can identify hackers’ devices.
“On a more strategic level, you might get a sense for exactly what the objectives of these attackers might be,” he added.
Siemens is one of 10 firms in Wednesday’s expansion of the program, in addition to industrial parts supplier
Schneider Electric SE
and conglomerate
Honeywell International Inc.
The JCDC’s inaugural private-sector members last year included tech companies such as
Amazon.com Inc.,
Microsoft Corp.
and
Alphabet Inc.’s
Google.
It is unclear how industrial firms will share information about threats with U.S. officials and one another through the JCDC partnership.
“All of the mechanisms have yet to be worked out,” said Grant Geyer, chief product officer for cyber firm Claroty Ltd. Siemens, Claroty and other members plan to anonymize customer information before sharing it with the government clearinghouse for analysis.
The Biden administration increasingly has engaged industrial businesses through both voluntary and mandatory cyber initiatives after ransomware attacks last year disrupted meat processor
JBS SA
and Colonial Pipeline Co., which operates the East Coast’s largest conduit for fuel. Officials including CISA Director Jen Easterly also have warned such businesses that they could be targets of Russia-linked hacking groups as the war in Ukraine has escalated.
On Wednesday, officials from the U.S., U.K., Canada, Australia and New Zealand jointly renewed those warnings, saying that critical-infrastructure operators should be on heightened alert for destructive malware, ransomware, cyber espionage and distributed-denial-of-service incidents that can knock computer systems offline.
“This activity may occur as a response to the unprecedented economic costs imposed on Russia as well as materiel support provided by the United States and U.S. allies and partners,” the alert said.
The war in Ukraine has been accompanied by steady but relatively low-level cyber conflict by state- and nonstate hackers. So far, however, the U.S. government’s warnings of potentially dire cyberattacks against key U.S. industries haven’t materialized.
The drumbeat of general alerts, which U.S. officials have branded as a “Shields Up” initiative, has led to stress and fatigue among some security teams, executives say.
“Shields Up cannot be a permanent state of being,” Claroty’s Mr. Geyer said. “Putting defenders on a heightened state of alert can be draining at times.”
—Kim S. Nash contributed to this article.
Write to David Uberti at [email protected]
Copyright ©2022 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8
For all the latest Technology News Click Here
For the latest news and updates, follow us on Google News.