CISA teams up with Microsoft, Google, Amazon to fight ransomware

CISA has announced the launch of Joint Cyber Defense Collaborative (JCDC), a partnership across public and private sectors focused on defending US critical infrastructure from ransomware and other cyber threats.

The new initiative’s goal is to allow CISA to develop cyber defense plans in collaboration with federal agencies, SLTT (state, local, tribal and territorial) partners, and private sector orgs for national resilience against malicious cyber activity targeting critical infrastructure.

“The industry partners that have agreed to work side-by-side with CISA and our interagency teammates share the same commitment to defending our country’s national critical functions from cyber intrusions, and the imagination to spark new solutions,” CISA Director Jen Easterly said.

“With these extraordinarily capable partners, our initial focus will be on efforts to combat ransomware and developing a planning framework to coordinate incidents affecting cloud service providers.”

The first industry partners to joint the JCDC include Microsoft, Google Cloud, Amazon Web Services, AT&T, Crowdstrike, FireEye Mandiant, Lumen, Palo Alto Networks, and Verizon, with plans to expand with more private sector and SLTT partners from across sectors.

Government partners already participating include the Department of Defense, the National Security Agency, the Department of Justice, the Federal Bureau of Investigation, the U.S. Cyber Command, and the Office of the Director of National Intelligence, with additional Sector Risk Management Agencies (SRMAs) to join the effort at a later time.

We will:

Share insight to shape our understanding of cyber defense challenges and opportunities;

Design whole-of-nation cyber defense plans to address risks;

Support joint exercises to improve cyber defense operations;

Implement coordinated defensive cyber operations.

— Jen Easterly (@CISAJen) August 5, 2021

The launch of this parnership between the US public and private sector platform comes after an almost continuous barrage of cyberattacks targeting US government agencies and critical infrastructure, starting with the December 2020 SolarWinds supply-chain attack.

Since the start of 2021, both state-sponsored and financially motivated hacking groups have coordinated widespread attacks on Microsoft Exchange servers worldwide and hit the networks of Colonial Pipeline, JBS Foods, and Kaseya customers in ransomware incidents.

President Joe Biden issued a national security memorandum during late July in response to this stream of attacks, a memorandum designed to help bolster the security of US critical infrastructure by setting baseline performance goals for infrastructure owners and operators.

The US President also warned lasat month that severe security breaches could potentially escalate to a “real shooting war” with another major world power.

“In recent months, various major cyber incidents have had an impact on our critical infrastructure community and caused downstream consequences to Americans that rely on it for everyday functions,” CISA said today, after announcing JCDC’s formation.

“As a community, the JCDC will deploy innovation, collaboration, and imagination to protect American businesses, government agencies, and our people against cyber intrusions.”