At a glance.
- UAE says it received cyberdefense support from Israel.
- Apple joins tech companies questioning UK’s Online Safety Bill.
- White House budget guidance highlights cybersecurity.
UAE says it received cyberdefense support from Israel.
UAE cyber chief Muhammad al-Kuwaiti says the country recently received a helping hand from Israel in fighting off a distributed denial of service cyberattack, the Jerusalem Post reports. “Thank God for the Abraham Accords,” al-Kuwaiti said at the Tel Aviv Cyber Week Conference yesterday. Speaking of the UAE’s cyberstrategy, he continued, “It has a pillar about protecting and defending. And this is where we plug into the great Start-Up Nation [Israel] where we have many of those companies helping us as a matter of fact to build up that cyber dome or to extend that cyber dome.” Israel’s National Cyber Directorate Head Gabi Portnoy was also at the conference, and in his remarks he specifically called out the Iran, Hezbollah, and threat group MuddyWater, which targeted the Technion-Israel Institute of Technology a few months ago.“Anyone who carries out a cyberattack against Israeli citizens needs to take into account the price he will pay,” Portnoy warned.
Apple joins tech companies questioning UK’s Online Safety Bill.
Tech giants and privacy advocates are speaking out against the UK’s Online Safety Bill, which, if passed, would give the UK government backdoor access to any end-to-end encryption system. Specifically, an amendment to the bill would allow Ofcom, the UK’s communications regulator, the authority to require that tech companies scan for child sex abuse material (CSAM) in end-to-end encrypted messages. Yesterday Apple, creator of iMessage, released a statement criticizing the bill, TechCrunch reports. “End-to-end encryption is a critical capability that protects the privacy of journalists, human rights activists, and diplomats,” the statement reads. “It also helps everyday citizens defend themselves from surveillance, identity theft, fraud, and data breaches. The Online Safety Bill poses a serious threat to this protection, and could put UK citizens at greater risk. Apple urges the government to amend the bill to protect strong end-to-end encryption for the benefit of all.” Coincidentally, in 2021 Apple attempted to implement a CSAM-detection feature in iMessage, but reversed the decision when it received backlash from privacy experts. The Verge notes that messaging giants WhatsApp and Signal have already voiced similar concerns about the Online Safety Bill and recently joined with five other secure messaging apps in signing an open letter warning about the legislation. “If implemented as written, [this bill] could empower Ofcom to try to force the proactive scanning of private messages on end-to-end encrypted communication services — nullifying the purpose of end-to-end encryption as a result and compromising the privacy of all users,” the letter reads. “In short, the bill poses an unprecedented threat to the privacy, safety and security of every UK citizen and the people with whom they communicate.”
White House budget guidance highlights cybersecurity.
This week the White House released guidance urging agencies to prioritize investment in “secure by design” tech in their FY2025 budgets. “Agency investments should lead to durable, long-term solutions that are secure by design,” the guidance states. Signed by Office of Management and Budget Director Shalanda Young and acting National Cyber Director Kemba Walden, the guidance follows the tenets laid out in President Joe Biden’s new national cyber strategy, which came out in March. The guidance also directs agencies to devote funds to zero-trust deployment and “explain efforts to close any gaps in those requirements” and “make clear how agency investments support people, processes, and technology that advance agency capabilities along the Zero Trust Maturity Model.” Mike Hettinger, a former House Oversight and Reform Committee staff member and now president of Hettinger Strategy Group, voiced his support for prioritizing zero trust. “Full implementation of zero trust principles and architectures across the government is key to ensuring agencies can defend against ongoing cyber attacks,” Hettinger told the Federal News Network. “From a congressional funding standpoint, it is imperative that zero trust cybersecurity remain at the very top of the priority list. It is just too critical to be underfunded now, into FY-25 and beyond.”