The US Treasury Department recently announced a new partnership with Israel to expand efforts to combat
ransomware attacks across the globe. The objective is to create a joint task force to fight several hacking occurrences and other cybercrimes. This statement comes at the heels of the Counter-Ransomware initiative meeting virtually hosted at the White House with more than 30 countries and the European Union in attendance.
Why are the USA & Israel Working Together on this?
This new project is reported to be part of the Biden administration's efforts to increase international collaboration in the fight against ransomware.
According to Lionel Sigal, head of cyber threat intelligence at CYE, a cyber defense company,
“the U.S. and Israel have partnered closely on defense for many years. This cooperation in the cyber warfare arena is surely mutually beneficial and will increase the sharing of knowledge and technologies to improve the detection, attribution, and prevention of attacks, as well as the development of technologies to better engage future attacks. Together, Israel, being a cyber ‘elite' country and the U.S. with its superpower resources, can create a very effective ecosystem to combat ransomware.”
The relationship was reinforced during discussions in Israel between US Deputy Treasury Secretary Wally Adeyemo and Finance Minister Avigdor Liberman and National Cyber Directorate Director Yigal Unna.
“Harnessing both the power of international cooperation and of technology innovation will position us to support economic competitiveness, prosperity, and to combat global threats including ransomware,”
Adeyemo said in a statement.
The two sides will work together to develop a formal agreement to support information sharing related to the financial sector, like cybersecurity threat intelligence; employee training, and study visits to encourage cybersecurity collaboration.
Sergey Gribov partner at Flint Capital, an
Israeli-American venture capital firm with a primary interest in cybersecurity. He noted that “Today, about 30% of cyber security companies are Israeli, so a partnership between the United States and Israel makes sense. Israel was the first country to recognize cyberspace as a separate warfare domain. Furthermore, it established the Cyber Directorate, which is responsible for cyber defense in the civilian and government spheres.
“Unfortunately, Israel is constantly under attack, but it is more successful than many other countries in defending both public and private infrastructure. In part, that's because government cyberinfrastructure is advanced and in part, it's because private and public cyber companies collaborate successfully,”
Gribov observed.
Why is a Ransomware Crackdown Necessary?
According to the Times of Israel, a series of ransomware asaults have targeted key infrastructure, food producers, a police agency, the NBA, and private industry businesses in the United States this year. Meanwhile, according to a recent report, Israel has been the country most impacted by ransomware since 2020.
“As the global economy recovers and ransomware and other illicit finance threats present a grave challenge to Israel and the United States, increased information exchanges, joint work, and collaboration on policy, regulation, and enforcement are critical to our economic and national security objectives,”
he added.
Which Ransomware Groups Have Been Identified So Far?
It has been reported that many high-profile attacks against companies and firms have occurred in the United States and throughout the world in 2021. Only six ransomware groups are responsible for 292 firms' cybersecurity defenses being breached. These criminal gangs have collected more than $45 million in ransom money as a result of their attacks. Esentire's report mentions the six groups to be Conti, REvil, Doppelpaymer, Clop, Avaddon, and DarkSide.
Adeyemo's visit to Israel occurred less than a week after the
US Department of Commerce added two Israeli phone spyware businesses, NSO Group and Candiru, to a list of foreign entities engaged in destructive cyber operations.
NSO Group and Candiru were accused of supplying governments with spyware software that was later used to target journalists and activists. NSO however claims that its software is exclusively intended to help governments combat crime and terrorism.
What Efforts Have Been Made Before This Partnership?
In July, US Vice President Joe Biden stated that he had informed Russian President Vladimir Putin about the widespread use of ransomware. At the time, Russia was thought to be a hotbed for hackers preparing security risks all over the world. In the same month, the Kaseya cyber-attack occurred, in which hackers gained access to over 1,500 businesses.
Biden responded by promising to punish the Russian-linked gang responsible for the bulk of cybercrime in the US.
For instance, the DarkSide ransomware group is alleged to be an all-Russian group that took advantage of the Colonial Pipeline many months ago. As a result of the widespread attack, the system was abruptly shut down across the country.
The
US Department of Justice said earlier this month that it will pay a $10 million reward for information leading to the identification of the DarkSide ransomware group's perpetrators. In addition to the money, the United States will provide an extra $5 million to help prosecute the accused.
Aside from the well-publicized hack, the same organization was responsible for a
data breach at Guess, a well-known American apparel company.