Cyber firms sunset free services meant to counter Russia-linked hacking threats

A trio of cybersecurity firms quietly ended a program that offered free services to vulnerable critical infrastructure sectors that was first launched in the wake of Russia’s invasion of Ukraine.

The Critical Infrastructure Defense Project — led by Cloudflare, CrowdStrike and Ping Identity — supplied free cybersecurity tools beginning in March 2022 to critical infrastructure owners and operators potentially exposed to digital threats tied to the Russia-Ukraine war. It was designed to help sectors like hospitals, water systems and power utilities.

Since the war broke out in early 2022, Russian military-aligned hacking groups have accelerated reconnaissance and sabotage campaigns against infrastructure systems in the U.S. and other allies in Europe. One of those incursions targeted a water system in Texas.

But the “project has concluded” since the offerings “aligned with a period of initial heightened threats and that its use has since subsided,” according to a statement from a CrowdStrike spokesperson sent to Nextgov/FCW last week when asked about the status of the initiative. 

As of a few days ago, the CIDP webpage has been cleared and now directs users to Cloudflare’s homepage.

Prior to the project’s conclusion, eligible clients would get four free months of services, according to an archived version of the CIDP site, though it was never immediately clear whether the four months of free offerings would be made indefinitely available to new applicants. The cybersecurity services were offered “at no cost for a limited time to some vulnerable sectors,” the CrowdStrike spokesperson said. 

Under the Biden administration, White House officials sought to usher baseline cyber resources to overexposed sectors. Last June, Microsoft and Google made the initial commitment to offer grants, discounts and free tools for small care centers and larger rural hospitals. And in 2023, school technology providers agreed to offer free and subsidized cybersecurity resources for schools in need of digital shielding.

The timing of the program’s conclusion comes amid heightened cyber threat concerns originating in the Middle East. After President Donald Trump’s order for U.S. bombers to strike three of Iran’s nuclear sites over the weekend, the Homeland Security Department issued a bulletin warning of likely Tehran-linked cyberattacks targeting U.S. networks. 

Nextgov/FCW has asked CrowdStrike if the firms are reevaluating their decision to end the Critical Infrastructure Defense Project but did not get a response by the time of publication.

In recent weeks, Russia and Ukraine have held on-and-off peace talks, though progress has been minimal. Even as Trump seeks to appease Moscow and bring it to the negotiating table to end its war, the cyber operations aspects of the conflict do not appear to have calmed.

Last week, a group of firms unveiled a Russian campaign that impersonated the State Department and targeted top Russia military expert Keir Giles.

The U.S. has halted certain efforts to counter Russian sabotage efforts, including those in the cyber domain. And a U.S. official confirmed to Nextgov/FCW in March that U.S. Cyber Command was asked to stand down on certain cyber and information operations planning against Russia, though one top lawmaker said last month that that halt only lasted for one day.

A March 6 classified intelligence report provided to the Trump administration suggested that Russian President Vladimir Putin continues to pursue his broad objective of dominating Kyiv, the Washington Post reported in March.