FBI describes Operation Winter Shield and urges early industry engagement

Brett Leatherman, assistant director of the FBI Cyber Division, said the bureau launched Operation Winter Shield to turn investigative intelligence into practical steps companies can use to harden their networks. "Operation Winter Shield... is the FBI 60 day campaign to defend the homeland," he said.

The initiative, Leatherman said, packages law enforcement insights into the "top 10 ways" organizations can improve resilience and is being conducted across the bureau's 56 field offices. He asked companies to build relationships with their local FBI field office and to include law enforcement in tabletop exercises and incident response plans so intelligence can be shared quickly when breaches occur.

Josh Blanchard, a supervisory special agent with the FBI's Washington field office, said industry partners are "key" to the FBI's tactical work: they provide telemetry and remediation access that helps investigators act. "Today, we're launching a WebEx with a lot of our key partners... wherein we're gonna have very tactical and specific things that we can provide to these prospective victims," he said.

Tashiana Bridal, section chief for cyber engagement and intelligence, highlighted products the division publishes and where to find them: "Anything that we've published, any PSAs, that are notable, go to ic3.gov and you'll be able to get access to them there." The panelists also pointed listeners to joint advisories posted on CISA's alerts page and to FBI Cyber Division channels for sector-specific notices.

The briefing closed with Leatherman stressing a victim-centric approach: the FBI pursues attribution and legal action while providing services to help victims contain and eradicate intrusions. He said the bureau's goal is to make it easier for organizations to seek help before and during incidents so that indicators can be actioned and risks reduced.