Weekly Wrap-Up
Week of July 5, 2021
Pentagon Cancels JEDI Cloud Contract
(NextGov) The Defense Department is canceling the embattled Joint Enterprise Defense Infrastructure contract, officials announced Tuesday. 

“With the shifting technology environment, it has become clear that the JEDI Cloud contract, which has long been delayed, no longer meets the requirements to fill the DoD’s capability gaps,” a DOD spokesperson said in an announcement shared with media.

Cancellation of the JEDI project comes with a new DOD cloud effort called the Joint Warfighter Cloud Capability, or JWCC. The project will be a multi-cloud, multi-vendor indefinite-delivery, indefinite-quantity contract. Like with JEDI, DOD anticipates a multibillion-dollar ceiling. The JWCC will start with a three-year base period and two one-year options.
DOB Cancels $10B JEDI Contract
(FedScoop) The Pentagon announced Tuesday it has canceled the $10 billion Joint Enterprise Defense Infrastructure (JEDI) cloud procurement, nearly two years after awarding the contract to Microsoft.

In a release, the Department of Defense said it has “initiated contract termination procedures” for the JEDI contract and is planning to replace it with a new contract that better fits the department’s cloud needs today. “The Department has determined that, due to evolving requirements, increased cloud conversancy, and industry advances, the JEDI Cloud contract no longer meets its needs,” it said.
Pentagon Hits Reset on Trump's $10 bln Cloud Deal, Welcoming New Players
(Reuters) The U.S. Defense Department canceled its $10 billion JEDI cloud-computing project on Tuesday, reversing the Trump-era award to Microsoft Corp (MSFT.O) and announcing a new contract expected to include its rival Amazon.com (AMZN.O) and possibly other cloud players.

The contract was coveted not for its dollar value as much as its prestige: Both companies for years have sought to persuade businesses and governments that it was safe to shift computing work into their data centers. Meeting all the security requirements of the U.S. military would have been a visible stamp of approval likely to sway other corporate and government clients, analysts said.
Pentagon Cancels $10 Billion JEDI Cloud Contract that Amazon and Microsoft Were Fighting Over
(CNBC) The Department of Defense announced Tuesday it’s calling off the $10 billion cloud contract that was the subject of a legal battle involving Amazon and Microsoft. But it’s also announcing a new contract and soliciting proposals from both cloud service providers where both will likely clinch a reward.

The JEDI, or Joint Enterprise Defense Infrastructure, deal has become one of the most tangled contracts for the DOD. In a press release Tuesday, the Pentagon said that “due to evolving requirements, increased cloud conversancy, and industry advances, the JEDI Cloud contract no longer meets its needs.”

Shares of Microsoft were down about 0.4% following the news and Amazon’s stock was up 3.5% after already reaching a 52-week high.
Pentagon Cancels $10bn 'Jedi' Contract
(BBC) The US Department of Defense said the $10bn contract no longer met its current needs due to the "shifting technology environment".

Microsoft was awarded the contract, but Amazon claimed President Trump had influenced the decision.

Amazon and Microsoft will both have the opportunity to bid for a new contract.

After Microsoft won the massive Joint Enterprise Defense Infrastructure (Jedi) contract, it drew complaints and a legal challenge from tech rival Amazon, which claimed that the choice was politically motivated.
Member News
Kaseya Supply Chain Ransomware Attack - Technical Analysis of the REvil Payload
(Zscaler Blog) On July 2, 2021, Kaseya, an IT Management software firm, disclosed a security incident impacting their on-premises version of Kaseya's Virtual System Administrator (VSA) software. Kaseya VSA is a cloud-based Managed Service Provider (MSP) platform that allows service providers to perform patch management, backups, and client monitoring for their customers. Per Kaseya, the majority of their customers that rely on Software-as-a-Service (SaaS) based offerings were not impacted by this issue; only a small percentage (less than 40 worldwide) running on-premise instances of Kaseya VSA server were affected, though it is believed that 1,000+ organizations were impacted downstream.
Understanding REvil: The Ransomware Gang Behind the Kaseya Attack
(Palo Alto Networks Blog) REvil has emerged as one of the world’s most notorious ransomware operators. In just the past month, it extracted an $11 million payment from the U.S. subsidiary of the world’s largest meatpacking company based in Brazil, demanded $5 million from a Brazilian medical diagnostics company and launched a large-scale attack on dozens, perhaps hundreds, of companies that use IT management software from Kaseya VSA.
Kaseya, Sera. What REvil Shall Encrypt, Shall Encrypt
(Splunk Blogs) When Splunk told me we would have a “breach holiday” theme for the summer, I didn’t think it would be quite so on the nose… For those of you who have been working on this Kaseya REvil Ransomware incident over the weekend, I salute you. We’ve been doing the same. As usual, my team here at Splunk likes to make sure that we have some actionable material before posting a blog, and this time is no different. In the sections below, you will see that we break this out into a little bit of a different format than usual.
If you would like to have your story featured in ADI's Member News, please contact ADI's Policy & Communications Manager, Jaishri Atri.
Questions? Inquiries? Please e-mail: info@hq.alliance4digitalinnovation.org