Photo by David B. Gleason from the Wikimedia Commons.
In this week’s Cyber Blurbs Roundup, we cover the death of the DoD’s JEDI deal, an unfortunate update to the ransomware incident at Kaseya, and the White House’s response to the rampant cyber attacks against American companies.
Pentagon Nixes JEDI Deal
The Pentagon has finally pulled the plug on its JEDI contract, a 10-year, $10 billion deal once set to provide the DoD with enterprise-scale cloud capabilities. The DoD in a statement cited “evolving requirements, increased cloud conversancy, and industry advances” as reasons why “the JEDI Cloud contract no longer meets its needs.”
But it’s a little more complicated than that.
The contract was first announced in 2018 as a single-winner approach — a condition that was debated by many companies in the industry, as there aren’t very many organizations capable of handling the DoD’s capabilities requirements. In the end, it was — to the surprise of few — between Microsoft and Amazon, with Microsoft edging out the Jeff Bezos-founded company.
But, again, it’s a little more complicated than that.
Not one to go down without a fight, Bezos and his team took the loss to court, arguing that Amazon’s superior technology only lost due to Bezos’ contentious relationship with former President Donald Trump. The court battle delayed Microsoft’s win by nearly two years, ultimately prompting the DoD to nix the JEDI contract altogether and move on.
Microsoft was none too pleased at the latest development.
“The 20 months since DoD selected Microsoft as its JEDI partner highlights issues that warrant the attention of policymakers: When one company can delay, for years, critical technology upgrades for those who defend our nation, the protest process needs reform. Amazon filed its protest in November 2019 and its case was expected to take at least another year to litigate and yield a decision, with potential appeals afterward,” the company wrote in a blog post following the Pentagon’s decision.
The DoD has since announced a multi-cloud, multi-vendor contract known as Joint Warfighter Cloud Capability, or JWCC (sorry, Star Wars fans). The Pentagon is even saying the quiet part out loud.
“The Department intends to seek proposals from a limited number of sources, namely the Microsoft Corporation (Microsoft) and Amazon Web Services (AWS), as available market research indicates that these two vendors are the only Cloud Service Providers (CSPs) capable of meeting the Department’s requirements,” the DoD wrote in a press release.
Kaseya Ransomware Update
We spent some time last week discussing the ransomware attack directed at Kaseya, with hackers demanding more than $70 million in bitcoin after claiming to have compromised more than 1 million computers.
As if that wasn’t bad enough, Kaseya has upped its estimate of compromised customers from 50 to anywhere between 800–1,500 — making for one of the biggest ransomware attacks in history per ArsTechnica.
The attack, carried out by suspected Russia-linked group REvil, has had major impacts on organizations around the globe, including Swedish supermarket chain Coop, which was forced to close nearly half of its 800 stores.
REvil has previously had encounters with the world’s largest meat supplier JBS (which may explain the temporary price hike for your beloved New York strip). JBS paid $11 million in demands to regain its network. Computer company Acer has also been targeted, ultimately leading to an extortion attempt against business partner Apple. REvil demanded $50 million from Apple, though it’s unclear if the company ever paid.
There’s currently no word on whether Kaseya is considering its $70 million demands.
Biden ‘Optimistic’ Following Putin Cybersecurity Talks
US President Joe Biden spoke with Russian President Vladimir Putin Friday, stating that the United States "will take any necessary action to defend its people and its critical infrastructure.”
The call follows the latest suspected Russia-linked attack against Kaseya, which… you just read about. We’ll spare you the details. The group is assumed to have ties with Russia due to its hacking techniques, which often avoid targeting computers that have Russian as their primary language in an attempt to avoid local authorities.
The Kaseya attack is just one of several wide-reaching hacks targeting the US over the last year, a list that includes the catastrophic attacks against Colonial Pipeline and SolarWinds.
The US, much like the rest of the world, has historically been reluctant to address cyber attacks, largely because A) they’re not innocent in carrying out cyber attacks, and B) it’s usually Russia. But the last 12 months appear to signal a new chapter in the role that cybersecurity plays in national security, and the ways other countries have targeted the United States.
“It’s a very fine line that they have to walk as far as providing some kind of consequence for that behavior without it escalating to where cyberattacks are out of control, or increase it to a conflict that goes beyond the cyberspace,” former FBI agent and cybersecurity expert Jonathan Trimble told The Associated Press.