Cyber firms sunset free services meant to counter Russia-linked hacking threats

MalBot · June 23, 2025, 2:05pm

A trio of cybersecurity firms quietly ended a program that offered free services to vulnerable critical infrastructure sectors that was first launched in the wake of Russia’s invasion of Ukraine.

Introduction to Malware Binary Triage (IMBT) Course

Looking to level up your skills? Get 10% off using coupon code: MWNEWS10 for any flavor.

Enroll Now and Save 10%: Coupon Code MWNEWS10

Note: Affiliate link – your enrollment helps support this platform at no extra cost to you.

The Critical Infrastructure Defense Project — led by Cloudflare, CrowdStrike and Ping Identity — supplied free cybersecurity tools <a href=“Cloudflare, CrowdStrike, and Ping Identity Join Forces to Strengthen U.S. Cybersecurity in Light Of Increased Cyber Threats”>beginning in March 2022</a> to critical infrastructure owners and operators potentially exposed to digital threats tied to the Russia-Ukraine war. It was designed to help sectors like hospitals, water systems and power utilities.

Since the war broke out in early 2022, Russian military-aligned hacking groups have accelerated reconnaissance and sabotage campaigns against infrastructure systems in the U.S. and other allies in Europe. One of those incursions targeted a <a href=“Russian hackers breached, sabotaged Texas water treatment plant, cyber firm says - Nextgov/FCW”>water system</a> in Texas.

But the “project has concluded” since the offerings “aligned with a period of initial heightened threats and that its use has since subsided,” according to a statement from a CrowdStrike spokesperson sent to Nextgov/FCW last week when asked about the status of the initiative.

As of a few days ago, the CIDP webpage has been cleared and now directs users to Cloudflare’s homepage.

Prior to the project’s conclusion, eligible clients would get four free months of services, according to an <a href=“https://web.archive.org/web/20221028192703/https://criticalinfrastructuredefense.org/”>archived version</a> of the CIDP site, though it was never immediately clear whether the four months of free offerings would be made indefinitely available to new applicants. The cybersecurity services were offered “at no cost for a limited time to some vulnerable sectors,” the CrowdStrike spokesperson said.

Under the Biden administration, White House officials sought to usher baseline cyber resources to overexposed sectors. Last June, Microsoft and Google made the initial commitment to offer grants, discounts and free tools for small care centers and larger rural hospitals. And in 2023, school technology providers agreed to offer <a href=“Cyberattacks still ravage schools, defying White House efforts launched last year - Nextgov/FCW”>free and subsidized cybersecurity resources</a> for schools in need of digital shielding.

The timing of the program’s conclusion comes amid heightened cyber threat concerns originating in the Middle East. After President Donald Trump’s order for U.S. bombers to strike three of Iran’s nuclear sites over the weekend, the Homeland Security Department <a href=“DHS expects Iran’s cyber forces will target US networks after strikes on nuclear sites - Nextgov/FCW”>issued a bulletin</a> warning of likely Tehran-linked cyberattacks targeting U.S. networks.

Nextgov/FCW has asked CrowdStrike if the firms are reevaluating their decision to end the Critical Infrastructure Defense Project but did not get a response by the time of publication.

In recent weeks, Russia and Ukraine have held on-and-off peace talks, though progress has been minimal. Even as Trump seeks to appease Moscow and bring it to the negotiating table to end its war, the cyber operations aspects of the conflict <a href=“Phishing campaign seeks to siphon Ukraine war intelligence from defense contractors - Nextgov/FCW”>do not appear to have calmed</a>.

Last week, a group of firms unveiled a Russian campaign that <a href=“Unusually patient suspected Russian hackers pose as State Department in ‘sophisticated’ attacks on researchers | CyberScoop”>impersonated</a> the State Department and <a href=“HACK ALERT - Several of my email accounts have been targeted with a sophisticated account takeover that involved impersonating the US State Department. | Keir Giles”>targeted top Russia military expert</a> Keir Giles.

The U.S. has halted certain efforts to <a href=“Exclusive: US suspends some efforts to counter Russian sabotage as Trump moves closer to Putin | Reuters”>counter Russian sabotage efforts</a>, including those in the cyber domain. And a U.S. official confirmed to Nextgov/FCW in March that U.S. Cyber Command was asked to <a href=“Hegseth orders suspension of cyber, information operations planning against Russia - Nextgov/FCW”>stand down</a> on certain cyber and information operations planning against Russia, though one top lawmaker said last month that that halt <a href=“https://www.politico.com/news/2025/05/16/hegseth-cyber-operations-russia-pause-00354072”>only lasted for one day</a>.

A March 6 classified intelligence report provided to the Trump administration suggested that Russian President Vladimir Putin continues to pursue his broad objective of dominating Kyiv, the Washington Post <a href=“https://www.washingtonpost.com/national-security/2025/03/13/putin-trump-ukraine-russia-ceasefire/”>reported</a> in March.

Article Link: Cyber firms sunset free services meant to counter Russia-linked hacking threats - Nextgov/FCW