New York Is First City to Open a Cyberattack Defense Center

New York City just opened its Cyber Critical Services and Infrastructure (CCSI) Project, a real-time operational center to protect the metropolitan area against cyberattacks. Located in lower Manhattan, the center shares intelligence with 282 partners, including the New York Police Department (NYPD), Amazon, International Business Machines (IBM), the Federal Reserve Bank and several New York healthcare systems. The anti-cybercriminal effort started two years ago but has been entirely virtual until now.

The Wall Street Journal reports that Manhattan district attorney Cyrus Vance Jr., among the project’s founding members, stated “if any city in America needs this cross-sector and government collaboration, it’s us.”

During the first conversations about the cybersecurity initiative, in 2017, Vance noted that, “New York would need to be mobilized instantaneously, and yet at the time, there was no group organized to convene in the event of a cyberattack.” In 2019, Vance’s office along with the NYPD, New York City Cyber Command (NYC3) and Global Cyber Alliance launched the New York City Cyber Critical Services and Infrastructure project.

That first year, its members “deployed public and private volunteers to Brooklyn Hospital to respond to a ransomware attack on its network,” spending a week there “working to find malware and reconfiguring hospital servers.” NYPD deputy commissioner of intelligence and counterterrorism John Miller reported that ransomware attacks take place every 14 seconds in the U.S., with 40 percent of companies paying the ransom and 80 percent getting hit again.

“When one major piece of critical infrastructure is under attack, they’re all under attack,” said Miller. “If those entities fail, all our response plans fail with them.”

Global Cyber Alliance president and chief executive Philip Reitinger said that “cities increasingly depend on cyber … everything is connected.” At the IBM cyber range, the coalition has held several “war games” where “participants use their own systems to practice fending off real attacks together.” “You want to mitigate the surprise,” said New York City’s chief information officer and head of cyber command Geoff Brown.

The Hill reports that, “last week, Miami-based technology firm Kaseya’s security was breached, an attack that resulted in hundreds of companies around the world being immobilized, with schools, businesses, public sector groups and credit unions among the firms who have been affected.”

Engadget notes that, “cities like Atlanta and Baltimore have reeled from ransomware attacks in recent years, in numerous cases taking a long time (and a lot of money) to recover. A coordinated operations facility could help those cities bounce back quickly from a wide variety of hacks, or at least mitigate the damage.”