U.S. Department of Treasury, Pacific Northwest National Laboratory, and Cloudflare Partner to Share Early Warning Threat Intelligence for Financial Institutions

Cloudflare, Inc. (NYSE: NET), the leading connectivity cloud company, announced a partnership with the United States Department of Treasury and Pacific Northwest National Laboratory (PNNL) under the Department of Energy to improve the cyber resilience of the financial services industry by sharing an advanced threat intelligence feed through Cloudflare. With this new offering, financial services institutions that are using Cloudflare Gateway now have privileged access to Custom Indicator Feeds that share threat indicators and enable direct action to be taken, to better defend against ransomware, phishing, and other threats.

“The bank heists we watch in movies have modernized. With an increase in consumer banking done online post-pandemic, and the current geopolitical situation, cyberattacks on financial institutions have an outsized impact on how our country functions,” said Matthew Prince, co-founder and CEO, Cloudflare. “Our Custom Indicator Feed will take threat intelligence that was previously exclusively the government’s, and make it easily available to and actionable for the private sector for the first time. This is the beginning of another chapter of Cloudflare working closely with the federal government to strengthen the security of our critical institutions.”

Banks and financial services companies are critical institutions that keep the country and the economy functioning, and where companies and individuals hold their savings — and therefore, are a prime target for cyberattacks. Cloudflare observed 41 billion HTTP DDoS attack requests targeting the Banking, Financial Services, and Insurance (BFSI) industry in Q1 2024, a 57% year-over-year growth compared to Q1 2023. Sharing threat intel data across organizations thus far has been a manual process, with exchanges happening over email or industry Slack channels; there is then no streamlined way for organizations to take action on the intel received.

Tailored Threat Intelligence for Financial Institutions

This partnership with the Department of Treasury and PNNL will provide U.S. financial services institutions with privileged access to advanced threat intelligence, available through Cloudflare. The feed collects advanced insights from the Treasury and federal government’s exclusive sources, enriched by Cloudflare’s own threat intelligence, gained from unique visibility across Internet traffic. Financial institutions are able to integrate approved threat intelligence feeds directly into their Cloudflare dashboard and implement automated DNS filtering policies using Cloudflare Gateway, ensuring their employees are protected from malicious links and phishing attempts targeting financial services organizations.

Cloudflare’s network spans more than 320 cities, its widely used public DNS resolver, 1.1.1.1, is used around the world, and Cloudflare is used by nearly 20% of all websites — and so, Cloudflare routinely sees security threats and attacks by actors earlier than competitors. Cloudflare is the CISA chosen vendor for Protective DNS and federal agencies such as Treasury are leveraging Cloudflare to help protect its infrastructure.

“Treasury sees Cloudflare and PNNL as critical partners in our strategy to develop a more modern proactive defense posture,” said Todd Conklin, Treasury Chief AI Officer and Deputy Assistant Secretary Cybersecurity and Critical Infrastructure Protection. “Ensuring that critical cyber threat data is automated and being directly offered to firms will bolster the collective defenses of the financial sector, and will especially offer critical support to our smallest financial institutions.”

Public-Private Partnerships to Secure the Internet

This partnership is part of the White House’s National Cybersecurity Strategy, announced in 2023, that aims to defend critical infrastructure and dismantle threat actors in close cooperation with the private sector. Cloudflare has also signed onto the Cybersecurity and Infrastructure Security Agency (CISA) Secure By Design pledge, to catalyze collective action around secure by design principles, including multi-factor authentication, reducing entire classes of vulnerabilities, and more.

Onboarding U.S. Financial Institutions

This offering is available at no cost to any financial institution recognized by the Department of Treasury and that currently uses Cloudflare Gateway. Through this partnership, the feed will be available as a new security content category to use within Cloudflare’s Gateway DNS filtering policies. In accordance with Cloudflare’s values around privacy, threat intel is a one-way feed from Treasury to customers, and financial institutions’ data is not shared in any way outside of Cloudflare as part of this program. Customers will have access to threat signals, including IP addresses and domain names, along with DNS filtering via Gateway to ensure employees are protected from bad links or phishing attempts. For U.S. financial institutions that are not currently Cloudflare customers, contact Cloudflare at cloudflare.com/financial-services.