Gil Sharon, the CEO of cellular operator Pelephone, on Monday rushed to rule out the possibility that the failure of his company’s cellular network on Sunday was caused by hacking or another form of cyber attack. Sharon made his comments even though he didn’t know with full certainty the reason why the company’s operations were interrupted, by a failure at the very heart of its cellular network.
- EU mulls forcing companies to report cyber attacks
- Anonymous activists hack into 600,000 Israeli email accounts
- Danger of cyber-warfare on the rise as armies chart new ground
- Stuxnet virus was deployed against Iran as early as 2007, researchers say
- Tech roundup / Hackers inspire investors: a boon for Israeli cyber security companies
- Hackers plan cyber attack against Israeli targets in April
- Israel, cyber warrior that can't protect its own companies
- Iran hackers spy on U.S. leaders, Israel lobby using phony Facebook profiles
While Pelephone may have ruled out such an attack, other computer security experts were of the opinion that a cyber attack was a real possibility − and intentional. In any case, don’t expect too many details.
The public may be the ones using Pelephone’s network and phones − and paying for it − but the cellular companies do not provide customers with such information. No Israeli company has ever revealed, of its own volition, whether it was the victim of a cyber attack. The big collapse of Cellcom’s network two years ago has never been properly explained to the public. As for cyber warfare here, Israeli citizens should know that they are the target.
According to foreign sources, Israel, along with the United States, developed the Stuxnet worm that disrupted the Iranian nuclear program; Israel has drafted hundreds of young soldiers into its cyber warfare units; and the government’s computer networks and computers are protected.
Although there is no such thing as an impregnable defense, it is very hard for enemies to infiltrate these computer networks. Which leaves softer targets: commercial businesses and service providers such as cellular operators, Internet service providers, banks, Internet commerce sites − and, of course, the private computers of Israel’s citizens.
Since many governments worldwide have strengthened their cyber defenses greatly in recent years, and as it becomes more and more difficult to attack government offices and national infrastructure, private businesses will become the main targets, says Dr. Thomas Rid, of the department of War Studies at King’s College London.
The collapse of a cellular network for a short time is not particularly significant by itself, he notes, but at a time of national emergency it could cause chaos
Quite a number of institutions have fallen victim to cyber attacks recently: banks in the United States; Twitter; The New York Times, The Wall Street Journal and the Washington Post, and, last weekend, Haaretz, are just part of the list. If such companies, which spend large sums protecting themselves, fall victim to such attacks, what can the average citizen do? The level of household security is much lower, and quite a few people use the Internet and their home computers, where security is often not the most advanced, for financial matters.
So who protects the Israeli civilian home front from cyber attack? Israel Police has a unit that investigates computer crime, but it is mostly busy finding pedophiles on the Internet and does not have the resources to deal with a sophisticated cyber attack.
The National Emergency Management Authority in the Home Front Defense Ministry has carried out exercises in recent years, in conjunction with the Israel Defense Forces’ Home Front Command, on how to deal with a cyber attack that paralyzes certain parts of the national infrastructure, such as the electricity system. But providing a solution for a commercial business is much more complicated.
There is also no declared enemy to fight, as no country has ever declared that it is participating in cyber warfare. Besides, many of the attacks are carried out by criminal groups, terror organizations or private hackers − all acting from personal or ideological motives.
The body in Israel tasked with preventing cyber attacks on national infrastructure is the Shin Bet security service, which oversees the Israel National Information Security Authority.
NISA is responsible for supervising and advising various bodies − whether governmental or private − on defending against cyber terror and information security, as well as identifying and preventing cyber attacks.
Among the bodies NISA supervises are the Bank of Israel, the Israel Securities Authority, the Israel Electric Corporation, Israel Railways, the Mekorot water company, and others.
The Israel National Cyber Bureau (INCB) was established two years ago in the Prime Minister’s Office. In the past year the bureau has mostly been involved in setting up regulations. One of the projects the bureau has already implemented is a plan with the Energy and Water Resources Ministry to map out all the critical national infrastructures.
In the past, INDB head Dr. Eviatar Matania has said that, to a certain extent, the cybernetic threat bypasses all the huge security capabilities the state has built to prevent various threats. In a cyber world, there are no borders, and the physical walls that have been built at an expense of billions simply will not help, he said.
As of now, the only damage to Israel from a cyber attack − that has been revealed publicly, at least − happened a year ago when a Saudi hacker infiltrated Israeli e-commerce sites and exposed the details of 14,000 credit cards and their owners.
In the past, Israeli businesses objected to the state issuing requirements for the protection of computer networks. Times have changed, though, as more and more damage has been done. During times of war, enemy or other hostile forces may penetrate Israeli communication networks to spread panic.
During Operation Pillar of Defense in Gaza last November, for example, a number of citizens received email and text messages from hostile groups, telling them of large numbers of Israeli casualties that had been hidden by the government. Most of the attempts were amateurish and not very credible, but the defense establishment does not rule out the possibility of much more effective and sophisticated ruses in the future.
The country may be increasing its efforts to protect its citizens on the Internet, but it seems that, on this particular front, citizens have little alternative but to rely on their own common sense and protect themselves.