Analysis

Major Weekend Cyberattack Was a Preview for Israel's Future Wars

Israel's military computer systems are well protected, but civilian infrastructures are still quite vulnerable to cyberstrikes.

FILE PHOTO: The face of an attendee is reflected in a laptop computer screen alongside code as he participates in the TechCrunch Disrupt London 2015 Hackathon in London, U.K., on Saturday, Dec. 5, 2015.
Luke MacGregor, Bloomberg

The hacking that brought down websites in the United States and Europe on Friday seems to be the most extensive, sophisticated and ambitious attack of its kind the West has ever experienced. Over the past two years there have been two major hackings of civilian infrastructures in Ukraine and Turkey that were attributed – without it ever having been categorically proven – to Russia, in the context of conflict between it and the two neighboring countries. Israel had a similar hacking experience, of much lesser magnitude, during the last war in the Gaza Strip, which it was able to counter without real damage.

As of Saturday, neither the American government, nor experts interviewed in the media, had directly accused anyone of the attack. It is clear that the attack represents major offensive capability and that it required a great deal of preparation. Ostensibly, the immediate suspect is Russia, which has been accused over the past two months of being behind the hacking of senior officials in the Democratic Party, leaks to the Wikileaks site and the indirect assistance given to the campaign of Republican presidential candidate Donald Trump.

Just last week, Vice President Joe Biden hinted that the United States would consider cyber- retaliation against Russia if it continued the attacks. Precisely in this context, Russia might consider such extensive hacking too risky a gamble – and Moscow is usually an expert at pushing the edge, rather than undertaking suicide attacks.

The actual damage was apparently not very extensive. No American firm collapsed or stopped functioning, although some sites were shut down for a few hours. Denial of service attacks are nothing new; they are the preferred way of hacking civilian infrastructures in terms of the hackers’ cost effectiveness, because the defending side can’t totally stop the attack in a way that completely blocks their access to the internet.

Sign up below and receive every new Amos Harel scoop and analysis
directly in your inbox

According to Israeli cybersecurity experts, the success of such an attack depends on the recruitment of a sufficiently large mass of attackers and targeting the “internet of things” – that is, internet-connected household devices, rather than computers. Most state security bodies know how to identify computer systems connected to countries that represent a major danger; they blacklist and identify them and are thus able to stop an attack. But security cameras and refrigerators are not on any blacklists – and so up until now attacks by such devices have not been anticipated.

FILE PHOTO: An attendee works at his laptop during the TechCrunch Disrupt 2015 conference in London, U.K., on Monday, Dec. 7, 2015.
Jason Alden, Bloomberg

Now that the attack has happened, the relevant industries might have to re-assess their vulnerability to hacking via devices connected to the web. That is true, for example, in the car industry, where most new vehicles come off the assembly line connected to the internet.

Such an attack could happen in Israel in the future. There are rival countries, or those with vested interests, that could act against Israel. The country’s security and military computer systems are fairly well protected and their interface with civilian systems is limited in a way that makes them hard to strike. Civilian infrastructures, especially those not belonging to the state, are still quite exposed despite considerable progress in recent years in the field of cyber-security.

In any case, the cyber-events of the past two days seem like a taste of the future. In the short term, it remains to be seen whether Russia, or hackers associated with it, will be tempted to disrupt the U.S. presidential elections on November 8. In the longer term, it is clear that cyberattacks will be an inseparable part of any future conflict between two countries with technological capabilities.

While attacks by bombs and missiles require a great deal of international involvement, leave clear fingerprints and often spark harsh criticism, hacking is a different sort of weapon. It can be used to perpetrate a more mild strike that cannot always be traced to the perpetrators. Hacking is convenient for sending threatening signals, for an attack that can serve as an alternative to a military face-off, or for an opening strike after which the bombs and missiles come. Since Israel and the United States are fostering such capabilities, they are also aware of the possibility that their opponents know how to use similar means against them.