Below: Exclusive coverage of Customs and Border Protection’s new initiative to update border phone search procedures and how the healthcare sector faces a surge in cyberattacks. beginning:
US, Middle East and North African allies expand cooperation on cyber defense
The United States and its four allies in the Middle East and North Africa today announced that the 2020 agreement that normalizes relations between Israel and a handful of other countries in the region has been formally expanded to include cybersecurity.
The deal, which is still in development, includes possibilities such as increased information sharing on cybersecurity threats and tabletop exercises among some signatories to the Abraham Accords. Under Secretary for Strategy, Policy and Planning, Department of Homeland Security Rob SilversVisiting Israel for the announcement and further consultations, he said the expansion builds on existing cyber cooperation between Israel, the United Arab Emirates and the United States, including in Bahrain and Morocco.
In an exclusive interview with The Cybersecurity 202, Silvers said: “Our nation faces common cyber challenges. Clearly, we all face cybercrime, ransomware, and more.
“Iran is a dangerous and destabilizing actor for the entire region,” Silvers said. “We have seen attacks against targets in the United States as well as targets throughout the Middle East.”
One potential policy concern arising from the agreement is: Bahrain, Morocco, and the UAE have all been accused of spyware abuse, and the UAE in particular has a history of using cyber for malicious purposes. Critics say the U.S. government, which has sanctioned spyware companies like the NSO Group, is reluctant to help these countries with their cyber activities, given its alleged history of malicious use of hacking tools. said he was concerned.
“Given the extensive history of abuse regarding cyber operations in all the countries mentioned, I would definitely be concerned. Ronald DeibertThe director of the Citizen Lab at the Munch School at the University of Toronto told me: “They all have a track record of using mercenary spyware to target human rights defenders and political opposition parties, and it is very disturbing that the UAE employs defense and intelligence contractors to operate. We have a long history.”
Silvers touts the deal as a history-making achievement. “This is a piece of diplomatic history, a piece of cybersecurity history, and a great opportunity to deepen security partnerships,” Silvers said as he prepared to speak at the Cybertech Conference in Tel Aviv this morning. I said in The cyber he leader of the Abraham Accord nations will appear on the conference stage later today.
Cyber cooperation between Israel, the UAE and the US is already bearing fruit, Silvers said.
- “We got actionable and relevant threat information through these channels,” he said in an interview.
- He later explained more in an emailed remark.
- He did not say whether the information was about Iran. But he said Iran “has loomed large over the region” and, in his speech, criticized Iranian cyberattacks on Israeli water utilities and the U.S. transportation and health sector.
When asked about the history of cyber surveillance in the United Arab Emirates, “When we have concerns, we have an open conversation,” Silvers said.
Silvers also defended the Biden administration’s record on spyware.
- “This administration consistently condemns the use of spyware and licensed spyware developers as violating human rights and freedom of expression, and is open to partners when they have concerns,” he said. is writing “That said, there is a long history of defense and security cooperation between the United States and our partners in the region, and it is critical that we work together against cyber threats shared by our critical infrastructure.”
- “We work together on cyber defense with partners around the world who align with our values,” he continued. “Our efforts to expand the Abraham Accord focus on network defense and cybersecurity collaboration to address common threats such as nation-states and widespread ransomware attacks targeting critical infrastructure. We share information about cyber threats, incidents, and our approach to these challenges to improve overall cybersecurity and resilience.”
But there are still causes for concern, said Deibert.
“It’s common to publicly describe cyber operations as essentially ‘defensive’ or ‘critical infrastructure’ with a limited focus,” he said. “However, history has shown that these activities morph into more aggressive behavior, as in the case of the United Arab Emirates. It defines ‘threat of violence’, ‘crime’ and ‘terrorism’ very broadly and includes civil society in its mandate.”
Still, two other experts hailed the cyber extension of the Abraham Accords as a welcome development.
“I think it’s a great idea.” Christopher PainterThe top cyber officer at the State Department during the Obama administration told me. Given the links between Israel, the United Arab Emirates and the United States, it is a “natural trend” to expand.
How effective it is depends on the details, he said. “What does this really entail?” said Painter, who is currently president of the Cyber Expertise Foundation’s Global Forum. “It’s going to be more important than just announcing, but it has symbolic significance.”
But Painter isn’t worried about the hacking records of some of the countries involved and whether the United States can navigate them. Neither DHS nor the US government at large is ignorant of spyware and human rights issues, he said. “I strongly suspect that the U.S. government is not only aware of this, but is intruding with wide eyes. I will pay attention.”
Melissa KurmaHe is the Program Director of the Middle East Program at the Wilson Center think tank.
But if we focus on defense, it becomes a more positive development. “Closer cooperation to strengthen security, in this case cyber, is a step in the right direction,” she said. “That’s very good news.”
Exclusive: Customs officials say they will update phone search procedures at borders
Customs and Border Protection said on Monday it would update its practices related to searching phones and other electronic devices at borders. This includes publishing more detailed information about searches and giving people more information about long-term storage of data. According to details shared exclusively with The Cyber 202.
Decisions are made after the senators. Ron Wyden (D-Ore.) issued a letter in September requesting it update its search guidelines to “better protect national security and respect the rights of Americans to travel abroad for business and leisure.” I sent it to my agent.
At the time, Wyden said not only did government agencies “pressure” travelers to unlock their devices, but from thousands of searches that can be found in the accounts of every Homeland Security employee. He said he maintains a central database.
In a letter sent to Widen on Monday, CBP said it would consider shortening the maximum 15 years that search data can reside in the DHS system and limiting the number of people who have access to it.
- “CBP is committed to protecting the rights of individuals from unjustified search and seizure and ensuring privacy protections while performing our national security and border enforcement missions,” said the CBP Deputy Commissioner. says. Troy Miller wrote in a letter. “CBP remains committed to providing as much notice and transparency as possible regarding border inspections of electronic devices.”
- The agency also said it plans to produce a more detailed report on why the search was conducted and to better explain the implications of the procedure to travelers.
“I am pleased that the administration has adopted some of the reforms I called for last year,” Wyden said in a statement. We will protect it.” Wyden added that CBP’s practice of searching devices without a warrant remains a “serious threat to the privacy and freedom of Americans.”
Biden administration moves to ban US companies from exporting to Huawei
The Ministry of Commerce has begun notifying technology companies that they will not provide licenses to do business with Chinese telecommunications giant Huawei. financial timesreports Demetri Sevastopulo of
“The move comes as Washington ramps up its efforts to work with allies to slow China’s move to develop cutting-edge technologies such as artificial intelligence and semiconductors used in hypersonic weapons. ” wrote Sevastopullo. U.S. and other national security officials have long argued that Huawei could assist the Chinese government in spying. The company denies the allegations.
The Trump administration imposed restrictions on exports to Huawei, but products related to high-speed 5G communications networks were not included in that ban. restricted to do. And last week, the US, Japan and the Netherlands reportedly agreed to ban companies from exporting certain chip-making hardware to China.
HHS warns of surge in Russian DDoS attacks against hospitals
The Department of Health and Human Services and the American Hospital Association warned Monday that the healthcare sector has been hit by a recent spike in distributed denial of service (DDoS) attacks by Russian hacking group KillNet. Information Security Media Group Marianne Corvasc-McGee reports.
“Pro-Russian activist groups have specifically targeted U.S. hospitals and medical systems for these denial-of-service attacks. can overwhelm them, crash them, make them unavailable, and potentially even affect the patient portal.” John Riggithe AHA’s national advisor for cybersecurity and risk, told the outlet.
The cyber attack is the latest to target organizations in a country allied with Ukraine since Russia invaded the country. Killnet has previously threatened to target organizations in the healthcare industry.
“Attacks have proven to be mostly more frustrating than dangerous,” McGee writes, but the impact can be magnified when critical sites are inaccessible. So hospitals still have to pay attention to attacks.
Russian Foreign Ministry claims to be targeted by ‘coordinated’ cyberattacks (Alexander Martin)
TSA issues security directives to airports, airlines after ‘no fly’ list leaked
Court finds ‘serious failure’ by UK security agency to protect privacy (Jane Croft)
Cybercriminal groups offer six-figure salaries, bonuses and paid vacation to attract talent on dark web (AJ Vicens)
Hackers find bug that lets anyone bypass Facebook’s 2FA (Lorenzo Franceschi-Bicchierai)
- US cyber ambassador Nathaniel Fick Speaking at an event organized by the German Marshall Foundation on Thursday at 10:30 am
thank you for reading. see you tomorrow.