Project Fortress: Federal Government and Wall Street Collaborate on Cyberdefense Against Major Attacks

The federal government and Wall Street have formed a new cybersecurity alliance called Project Fortress, aimed at defending the US financial system from major cyberattacks and deterring potential hackers. According to a letter sent to bank CEOs by a senior Treasury official and viewed by CNN, the project includes defensive measures such as a new cyber hygiene tool and an automated threat feed. However, Deputy Treasury Secretary Wally Adeyemo has emphasized that Project Fortress also involves “offensive actions” that utilize Treasury’s national security tools and US law enforcement to hold attackers accountable. These actions reportedly include the deployment of Treasury’s sanctions team. The project has been in development for several months, with various components rolled out piecemeal. Both Janet Yellen and Adeyemo discussed Project Fortress with bank CEOs in a recent meeting. The federal government has recognized the seriousness of cyberattacks as the greatest threat to the global financial system, surpassing even the risks posed by lending and liquidity issues. A recent cyberattack on the New York branch of the Industrial and Commercial Bank of China led to disruptions in the crucial US Treasury market, highlighting the significance of the issue. Project Fortress includes a cyber hygiene tool run by the Cybersecurity and Infrastructure Security Agency (CISA), which banks can opt into at no cost. More than 800 financial sector participants have already enrolled in this feature, which automatically identifies significant cyber vulnerabilities and offers customized updates based on each company’s specific weaknesses. Small and regional banks, often struggling with real estate and interest rate difficulties, are expected to benefit from this initiative, as they frequently lack the same financial resources as larger banks. Overall, Project Fortress aims to provide support to all financial institutions, regardless of size, including community banks and credit unions. It also incorporates an automated threat information feed that aggregates insights from US agencies, foreign partners, and participating financial organizations. By consolidating this information into an open-source platform, authorities can swiftly identify hazards and respond appropriately. The US government has recently employed its offense-oriented capabilities, including those associated with Project Fortress, to take action against cybercriminals. Earlier this week, US officials and European counterparts announced sanctions and criminal charges against a Russian man believed to be the mastermind behind the LockBit ransomware gang, which has extracted approximately $500 million in repayments from thousands of victims. Law enforcement authorities utilized LockBit’s own websites to taunt its members and even established a countdown timer vowing to unveil the group’s leader.