CNN reports that the U.S. and Israel have finalized an agreement aimed at strengthening both countries' cyber defenses, enabling the sharing of key information regarding separate cyberattacks against their respective infrastructures.
Revealed in the intelligence sharing was a previously unreported failed distributed denial-of-service attack against the U.S. Treasury Department's computer servers between February and March conducted by pro-Russian hackers in retaliation to U.S. sanctions on Russia following its invasion of Ukraine, according to Treasury Department Deputy Assistant for Cybersecurity and Critical Infrastructure Protection Todd Conklin.
Israel has also divulged with the Treasury technical details regarding a separate Iranian-led DDoS attack in March that disrupted some government websites, said Conklin.
Aside from accelerating the trade of threat data between both countries, the agreement may also advance cybersecurity drills between U.S. and Israeli financial firms, Conklin noted.
"Israel has a really strong public-private partnership in this space. So they have access to a lot more real-time vulnerability data impacting ... not only government systems, but also their broader private sector," he added.
Aside from featuring over 40 million signals from the DNS Research Federation's data platform and the Global Anti-Scam Alliance's comprehensive stakeholder network, the Global Signal Exchange will also contain more than 100,000 bad merchant URLs and one million scam signals from Google.
While some threat actors established fraudulent disaster relief websites as part of phishing attacks aimed at exfiltrating financial details and Social Security numbers from individuals seeking aid, others impersonated Federal Emergency Management Agency assistance providers to create fake claims that enabled relief fund and personal data theft.
Malicious GitHub pages and YouTube videos containing links for purported cracked office software, automated trading bots, and game cheats, have been leveraged to facilitate the download of self-extracting password-protected archives.