3rd Party Risk Management , Business Continuity Management / Disaster Recovery , Critical Infrastructure Security

US, Israel Expand Cyber Partnership, Announce Task Force

Move Follows Recent US Action Against Israeli Spyware Firm NSO Group
US, Israel Expand Cyber Partnership, Announce Task Force
Finance Ministry Building, Jerusalem (Photo: Assaf Luxembourg via Wiki/CC)

The U.S. and Israel will expand their diplomatic relationship around cybersecurity after announcing a bilateral task force to support IT security and fintech innovation, according to officials at the U.S. Department of the Treasury. The news follows recent action by the U.S. Department of Commerce to blacklist Israeli spyware firm NSO Group.

See Also: Modernizing Malware Security with Cloud Sandboxing in the Public Sector

Deputy Secretary of the Treasury Wally Adeyemo met with Israeli Finance Minister Avigdor Lieberman and Director General of the National Cyber Directorate Yigal Unna in Israel on Sunday to announce the partnership, which aims to protect critical financial infrastructure and counter ransomware, they said.

Officials said in a statement that they will form a new "U.S.-Israeli Task Force on Fintech Innovation and Cybersecurity."

"As the global economy recovers and ransomware and other illicit finance threats present a grave challenge to Israel and the U.S., increased information exchanges, joint work, and collaboration on policy, regulation, and enforcement are critical to our economic and national security objectives," Adeyemo said.

"Strategic alliances win wars, pure and simple," says Tim Wade, a former network and security technical manager with the U.S. Air Force. "The U.S.-Israeli partnership against ransomware is not only welcome and likely to be productive, it's in the tradition of effective international partnerships."

Wade, currently the technical director and CTO at the firm Vectra AI, adds, "Our efforts against cybercrime to date have been hampered by insufficient global alliances. Good ones devoted to other forms of criminal activity point the way toward better cybersecurity."

Yet it is also about optics - especially on the heels of the recent White House ransomware summit, says Rosa Smothers, a former Central Intelligence Agency threat analyst and technical intelligence officer.

"This makes sense, but there is also likely a PR motivation," says Smothers, currently the senior vice president of cyber operations at the firm KnowBe4. She cites recent NSO Group headlines as potential motivation for Israel to strengthen ties with the U.S.

Memorandum of Understanding

U.S. Treasury Department officials said a yet-to-be-drafted memorandum of understanding between the two nations will cover the following:

  • Financial sector information sharing on regulations and guidance, and on threat intelligence;
  • Staff training, study visits and cross-border competency-building activities;
  • Technical exchanges on policy, regulation and outreach;
  • Improved public sector analytics and enforcement.

'Valuable Partnerships'

Praising similar partnerships, Adam Flatley, a member of the U.S. Ransomware Task Force and a former technical lead for the National Security Agency, says these efforts will need to take "different forms to be effective." Some, like this one, "will be bilateral," he says. "The U.S. and Israel have long worked closely and effectively together on critical security issues of common interest."

Flatley, currently the director of threat intelligence for the firm [redacted], adds, "Others will be multilateral …. [but] all of these relationships are valuable and necessary in concert with a global coordinated campaign."

"Israel is a strategic partner in this sector because it has long seen cybersecurity as a national security issue," says Marcus Fowler, a former department chief for the CIA and currently the director of strategic threat at the firm Darktrace. "Israel is also highly advanced in applying new technologies and innovations."

File image of NSO Group

Developments With NSO Spyware

This month, the U.S. Department of Commerce added both NSO Group and fellow Israeli spyware company Candiru to its Entity List for allegedly engaging in activities "contrary to the national security or foreign policy interests of the U.S." A final rule from the Commerce Department's Bureau of Industry and Security - or BIS - says the companies "threatened the privacy and security of individuals and organizations worldwide." Those on the Entity List cannot purchase U.S. technologies or goods without a license provided by the Department of Commerce (see: US Commerce Department Blacklists Israeli Spyware Firms).

An NSO Group spokesperson previously told U.S. media that the company was "dismayed" by the decision, "given that our technologies support U.S. national security interests and policies by preventing terrorism and crime."

Israeli Foreign Affairs Minister Yair Lapid later distanced the government from the NSO Group, which distributes its products under licenses from Israel's Defense Ministry, which is reportedly investigating the company's activities. NSO Group has said it sells its products to law enforcement and intelligence agencies for legitimate use.

"NSO is a private company. It is not a governmental project and therefore, even if it is designated, it has nothing to do with the policies of the Israeli government," Lapid told reporters this month, according to Reuters.

Shalev Hulio, the co-founder and CEO of NSO Group, announced that he will remain in his position as CEO, following reports by Israeli media that its CEO-designate, Itzik Benbenisti, currently NSO's co-president, has resigned (see: NSO's Troubles Extend Beyond CEO-Designate Quitting).

Whole-of-Government Approach

Last week, the Treasury Department blacklisted cryptocurrency exchange Chatex, along with a network of entities it says support the exchange, for allegedly facilitating ransomware-related financial transactions (see: US Treasury Blacklists Cryptocurrency Exchange Chatex).

This followed the White House's "counter-ransomware" summit held last month - with attendance from more than 30 countries, including Israel. During the meeting, Adeyemo reportedly urged global action against the abuse of virtual currency used in ransomware transactions (see: US Convenes Global Ransomware Summit Without Russia).

And last week, Vice President Kamala Harris confirmed that the U.S. would be joining the Paris Call, an 80-nation cybersecurity pact established in 2018 by French President Emmanuel Macron to develop international cybersecurity norms (see: VP Kamala Harris: US Will Join 80-Nation Cybersecurity Pact).

Recapping her meeting with Macron, Harris told reporters last week, "We talked extensively … about what we as nations must do, who have similar values … to apply those principles and norms to how we will engage with each other … as it relates to our use of technology.

"And, [on] cybersecurity … addressing what we have seen in the U.S. and around the world - [with] hackers that have compromised systems [via] ransomware."

U.S. President Joe Biden is set to sign his administration's landmark $1.2 trillion Infrastructure Investment and Jobs Act on Monday, unlocking some $1.9 billion in new cybersecurity funding for the federal government. The bill includes a $1 billion grant program to assist state, local, tribal and territorial governments guard against cyberthreats (see: Infrastructure Bill Features $1.9 Billion in Cyber Funding).


About the Author

Dan Gunderman

Dan Gunderman

Former News Desk Staff Writer

As staff writer on the news desk at Information Security Media Group, Gunderman covered governmental/geopolitical cybersecurity updates from across the globe. Previously, he was the editor of Cyber Security Hub, or CSHub.com, covering enterprise security news and strategy for CISOs, CIOs and top decision-makers. He also formerly was a reporter for the New York Daily News, where he covered breaking news, politics, technology and more. Gunderman has also written and edited for such news publications as NorthJersey.com, Patch.com and CheatSheet.com.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.