The federal government, in collaboration with Wall Street, has formed a new cybersecurity alliance called Project Fortress to protect the US financial system from cyberattacks. The alliance aims to not only defend against potential attacks but also to deter hackers from targeting financial institutions. Project Fortress includes defensive measures such as a cyber hygiene tool that scans for vulnerabilities and an automated threat feed to detect threats. Additionally, the alliance involves offensive actions that utilize Treasury’s national security tools and law enforcement to hold adversaries accountable for their attacks.
The development of Project Fortress has been in progress for several months, with various components being rolled out by the Treasury. Treasury Secretary Janet Yellen and Deputy Secretary Wally Adeyemo have engaged with bank CEOs to discuss the alliance and its importance in safeguarding the financial system. Bank executives, including those from major institutions like JPMorgan Chase and Bank of America, have expressed their support for Project Fortress, emphasizing the shared responsibility in maintaining a strong and resilient financial system.
Cybersecurity threats are considered a significant risk to the global financial system, with Federal Reserve Chair Jerome Powell highlighting cyberattacks as a greater danger than the financial crises of the past. A cyberattack on the New York branch of the Industrial and Commercial Bank of China last year underscored the vulnerability of financial institutions to hacking incidents. Project Fortress aims to address these vulnerabilities through tools like the cyber hygiene tool run by the Cybersecurity and Infrastructure Security Agency (CISA), which helps banks identify and address cybersecurity weaknesses.
The information-sharing aspect of Project Fortress, known as the Automated Threat Information Feed, gathers indicators from US agencies, international partners, and financial firms to enhance threat detection capabilities. The alliance also includes offensive measures, as demonstrated by recent sanctions and criminal charges against a Russian man linked to a ransomware gang. US and European law enforcement agencies have utilized tactics such as taunting the hackers on their own websites to disrupt their operations.
Project Fortress seeks to strengthen cybersecurity across the financial sector and ensure that all institutions, regardless of size, have access to resources and support. By pooling information and resources, the alliance aims to improve threat detection and response capabilities to protect against cyber threats. Through collaborative efforts between the government, Wall Street, and other stakeholders, Project Fortress aims to enhance the resilience of the US financial system against cyberattacks and potential disruptions.