Can Big Tech help combat daunting cyberattacks against critical infrastructure?

High-level White House meeting comes as threats against US infrastructure, supply chains continue to rise.
25 August 2021

US President Joe Biden speaks with his national security team during a briefing on the situation in Afghanistan in the White House Situation Room.(Photo by Erin SCOTT / The White House / AFP)

Following a string of escalating ransomware attacks against critical US infrastructure – ranging from choking off gasoline and jet fuel supply from flowing up the US East Coast, to shutting down meat production and supply from one of the country’s leading food suppliers — US President Joe Biden has invited Apple CEO Tim Cook, Microsoft CEO Satya Nadella, and Amazon president and CEO Andy Jassy to the White House to discuss how the private sector can help combat ransomware and software supply chain attacks.

The three leaders of some of the biggest US tech firms are scheduled to meet with President Biden today, and are reportedly discussing how to improve cybersecurity and collaborative efforts with the federal government, including how software solutions might help alleviate security concerns in supply chains, reports Bloomberg.

In a sign of how seriously outgunned the public sector might be in shielding its vital operations from increasingly ambitious ransomware attackers, the chief executives of fellow ‘Big Tech’ companies IBM, Google parent firm Alphabet, and financial services giant JPMorgan Chase (which has been experiencing customer data protection headaches of its own) are also said to have been invited to the meeting.

Along with what cooperation they might offer, the President is anticipated to discuss security measures being undertaken by critical national infrastructure such as energy, water, and financial systems with the tech giants.

The gathering comes as reported cases of ransomware attacks to critical infrastructure have been mounting, including the crippling cyberattack against Colonial Pipeline that disrupted US oil supplies and against the meat processor JBS, which threatened the US meat supply. US officials believe both those hacks were conducted by Russia-based criminals rather than the Russian government – but with at least the Kremlin’s tacit approval.

US intelligence officials have blamed hackers based in Russia for a range of notable cyberattacks including ones that hobbled software and security providers SolarWinds and Kaseya, with thousands of their software service clients affected to various degrees. The administration also blamed Chinese hackers affiliated with China’s Ministry of State Security for a separate set of attacks on users of Microsoft Exchange Server software.

The worrying rise in ransomware incidents where Russian involvement was surfaced, eventually saw US President Biden meeting with his Russian counterpart President Vladimir V. Putin in Geneva – where the former handed over a list of 16 types of critical infrastructure that should be “off-limits” from cyberattacks, such as the energy and water sectors. Biden also allegedly pressed Putin to stop harboring Russian-backed cyber attackers and hold them accountable for attacks carried out overseas.

The meeting today marks the second time in a month that tech giants like Amazon, Google, and Microsoft have been reported to be working with federal authorities to shore up questionable security concerns.

Earlier this month, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency under the initiative called the Joint Cyber Defense Collaborative (JCDC), revealed they would be working with technology providers, cybersecurity firms and telecommunications providers to create and execute new cyber defense operations plans, with an initial focus on combating ransomware and cyberattacks on cloud-computing providers including cloud market-leading AWS, Microsoft and Google Cloud.

And some cybersecurity specialists feel that such cooperation and coordination between federal authorities and Big Tech is “long overdue”, according to Sam Curry, chief security officer at Cybereason. “Interestingly, Wednesday’s meeting includes a one-hour meeting with the President followed by three breakout sessions focused on risk assessment, critical infrastructure, and cybersecurity education/training.

“If we have learned anything since the SolarWinds breach opened the floodgates, the public and private sector need to invest now to ratchet up prevention and detection and improve resilience. We can meet fire with fire,” Curry continued. “We can slow them down. We can limit what they see. We can ensure fast detection and ejection. We can, in short, make material breaches a thing of the past. So, what if they get a toe hold on the ramparts. We can keep them out of the castle by planning and being smart ahead of time and setting up the right defenses.”

Jason Schmitt, GM of the Synopsys Software Integrity Group, agreed. “It is encouraging to see government recognition of the pivotal role that software plays in the security of our critical infrastructure,” Schmitt added. “Highlighting the grave security risk from insecure software – no matter the source – is a major step toward broader industry dedicated resources to properly understanding how trustworthy software is in their organizations.”