It also demonstrates that Jerusalem and Washington continue to share the same viewpoints on several cyber-related issues, despite the February disclosure that Israeli-made malware was allegedly deployed against US officials.
The intelligence sharing, made possible by a finalised agreement that the Treasury Department will announce on Thursday, emphasises the value that both governments place on using the information amassed by their private sectors to protect themselves from a variety of hacking threats from both governments and cybercriminals.
Highlights
-
According to Conklin, the malicious cyber exercise, also known as a distributed denial of service (DDoS) attack, didn’t affect Treasury operations, but it was significant enough that US officers shared detailed information about it with their Israeli counterparts so they could assess their systems for the risk. Officials were unable to identify the attacker, but Conklin claimed he believed Russian-friendly hackers may have been to blame.
-
According to Todd Conklin, deputy assistant Treasury for cybersecurity and critical infrastructure safety, one of the hacking incidents involved hackers trying in vain to overwhelm the US Treasury Department’s laptop servers and take them offline in February and March, during the time that Russia waged war in Ukraine and the US imposed sanctions on the Kremlin.
According to Conklin, the US Treasury received technical information about the attack from the Israelis and forwarded it to American financial institutions that are accustomed to Iranian attempts to interfere with their systems.
In a second incident, the Israeli government was targeted by a DDoS attack in March that momentarily took some government websites offline. Some Israeli press reports indicated that this breach originated in Iran.
According to Conklin, both of the hacking incidents show how the new agreement to quickly apply business risk knowledge is supposed to operate. There are several ways for the two governments to exchange information about cyberthreats, including between protection and homeland security organisations.
However, the new arrangement gives officials from the Israeli finance ministry and the US Treasury a legitimate way to immediately share hacking threats to their respective financial sectors, as opposed to an ad hoc association that relies on personal contacts. According to Conklin, the arrangement could also result in more cyberattack training exercises involving major US financial institutions and their Israeli counterparts.
“Israel has a really strong public-private partnership in this space,” Conklin instructed. “So they have access to a lot more real-time vulnerability data impacting … not only government systems, but also their broader private sector.” The US and Israel have a long and complex history of working together in our online world, a history that has occasionally been enhanced — and tested — by their common enemy, Iran. A 2009 and 2010 effort to breach sensitive laptop techniques and destroy uranium-enrichment centrifuges at an Iranian nuclear complex was purportedly carried out by US and Israeli personnel.
The US is currently looking to resurrect the 2015 agreement with Iran to place restrictions on Tehran’s nuclear programme in exchange for the lifting of sanctions. According to researchers, Iranian hacking activities typically fluctuate in response to geopolitical events. No reviews of a change in Iranian cyber exercises during the most recent nuclear-deal discussions have been made public.