Cyberspace: Israel’s Next-Generation Battlefield Today
The country is targeted by approximately 1,000 cyber-attacks every minute, posing a major threat to critical infrastructure
The strategic threats to Israel are many and well-known, including Iran’s regional expansionism and potential nuclearization; Hizbullah’s militarization of Lebanon and the growing instability in the Golan Heights caused by the war in Syria in the north; Hamas’ domination of Gaza in the south; and the growing presence of the Islamic State in the Sinai Peninsula.
However, over the past decade a new and potentially devastating risk has emerged: namely, Israel has become the target of continuous, sophisticated and dangerous cyber attacks.
Erez Kreiner, former head of the National Cyber Authority and presently the CEO of a cyber consulting firm, told The Media Line that Israel’s electric grid and natural gas installations come under attack daily and that even one successful breach could cause serious disruptions to industry, if not worse.
“Cyber criminals are used as proxies and paid a lot of money by terrorist organizations and other non-state actors who lack the technical capabilities to attack Israeli systems on their own” he explained.
The Israel Electric Corporation (IEC), for example, the country’s largest supplier of electrical power, is one of the most targeted critical infrastructure, facing some 10,000 threats every hour.
To combat this phenomenon, CyberGym, a subsidiary of the IEC, was established by top level security experts who graduated from Israel’s military cyber security corps. Created in 2013, CyberGym is a joint venture between the IEC and CyberControl, an Israeli cyber security consultancy group.
Major General (res.) Yiftach Ron Tal, Chairman of the IEC Board of Directors, revealed to The Media Line that “we contend with hundreds of thousands of attempts on our systems because we are an attractive target. We have set up the most advanced training and protection facilities in the world.”
The IEC has, in fact, developed some unique systems and methodologies for defending against cyber attacks; which, in turn, has attracted the interest of several countries that have sent delegations to Israel to learn how to defend their own power grids.
The Israeli government’s decision to set up the National Cybernetic Taskforce, in addition to the establishment of a cyber security campus in Beersheva, is testament to its long-term strategic planning and commitment to developing counter-measures to protect Israel’s cyberspace. Jerusalem also provides budgetary support for various state entities such as the National Information Security Authority.
According to the National Cyber Bureau (NCB), Israel experiences approximately 1,000 cyber attacks each minute, perpetrated by state-sponsored groups, independent hackers, organized crime cartels and terrorist organizations. Their methods have become increasingly complex and diversified such that every Israeli sector is now a potential target.
The main goal of the NCB is to improve the impenetrability of critical national infrastructure, while coordinating between various governmental, defense and cyber security entities. It also advises the government on issues pertaining to legislation and regulation and, generally, how to improve Israel’s preparedness.
“Iran is the main source of threats to Israeli critical infrastructure such as the Electric Company,” Yotam Guttman, Vice President of Marketing at the start-up Cyber DB, a research group focusing on cyber security told The Media Line. “Israel also suffers from global ‘hacktivism,’ which targets everything from the army to government buildings to research facilities.
“They try to extract as much intelligence as they can,” he expounded, “and also attempt to obstruct any processes in order to inflict as much damage as possible. Palestinians in Gaza are trying the same thing. From time to time they have succeeded but their capabilities are limited.”
In this respect, hackers have, to date, not succeeded in inflicting any significant damage to Israel’s infrastructure, as was the case in Saudi Arabia when the operations of the state-owned Aramco oil company were crippled for several weeks.
As far as Israel’s natural gas installations are concerned, Guttman stressed that the offshore platforms have their own security but they are aided by the state. While they remain vulnerable, they are less so than other targets because they do not use traditional communication cables but rather SATCOM, which is more difficult to attack.
“Modern cyber threats are not just a concern for IT security professionals, but also for oil and gas control system operators, whose industrial sites and SCADA networks are increasingly at risk of cyber-sabotage, compromised safety systems, down time and lost production from Internet and cloud-based connections,” said Andrew Ginter, Vice President of Industrial Security at Waterfall Security Solutions, which is involved in protecting natural gas installations off the coast of Haifa.
Ginter said that the threats to oil and gas networks have changed dramatically over the past 5 years and operators are looking for solutions that address the needs of reliability-critical and safety-critical networks.
For its part, the Israel Defense Forces was one of the first armies in the world to establish a situation room devoted entirely to cyber-defense. Formed three years ago, the situation room is under the command of the C4I unit, which protects all of the army’s IT infrastructure as well as its computer systems; this, twenty-four hours a day, seven days a week, constantly assessing threats and incidents and working with local cyber-defense teams.
The Head of Public Affairs Division of the C4I told to The Media Line that “over the past few years we have seen an increase in attempts to attack our systems and facilities from the north, including several attempts by the Syrian Electronic Army (SEA) on a daily basis. The threats are aimed at disrupting our defense and attack capabilities. With Iran’s assistance, Hizbullah’s cyber capabilities have improved dramatically.”
The officer explained that due to its elite cyber teams, code-named blue and red, “the IDF has the edge on its enemies. But we can never for a moment be complacent and let our guard down.”
While Israel appears to be dealing with the cyber threat in advanced ways consistent with its overall national security strategy, additional measures likely will have to be taken. This includes strengthening cooperation between security agencies in charge of cyber-defense in order to streamline efforts and develop the most efficient policies for dealing with what many believe will become the primary battlefield of the 21st century.