The MirYam Institute

ISRAELI CYBER DEFENSE NEEDS A NATIONAL CYBER SYSTEM 

By Doron Tamir

All countries today face a common dilemma: How to best protect critical national assets, in the age of ever more effective cyber warfare?

The importance of a country’s ability to defend key sites, such as power companies, ports, and airports cannot be overstated, since a successful cyber-attack on such sites can paralyze any modern state.

The dilemma doesn’t stop at critical infrastructure. Banks, hospitals, health clinics, public transport, communications, trade, and agriculture systems all require robust defenses. All of these systems are computerized from start to finish, meaning that they are vulnerable.

In some cases, attackers can exploit one vulnerability to move around the system and harm other areas, much like entering a corridor and finding multiple interconnected corridors. An attack on a bank’s clearing system won’t hit the entire bank, but could still lead to massive damages as it could cause the bank to fail to make transfers in time, and as a result face enormous fines.

Even mid to low-level public and commercial computer networks need updated defenses. And states cannot neglect the ability of adversaries to use social media to attack them with disinformation campaigns. The ability to manipulate public perception is more powerful than any missile.

The solution, for both states and private organizations, is to create a synergy of defenses, rather than to keep adding one cyber defense product after another.

In the example of the bank, the institution’s chief information officer could, after the first attack, search out a product that defends clearing systems. But after five days, a second type of attack could hit the bank, this time targeting VIP savings accounts. Now, the CIO is out looking for a second defense product, with no synergy between them. More harm is caused this way than good.

The need for a comprehensive solution is the basis for the setting up of the Israeli National Cyber Directorate in 2012 (originally known as the National Cyber Bureau).

The Directorate is a regulator that ensures that critical private and public sector sites are sufficiently protected, and that they share information on the characteristics of the attack. It has mandated, for example, that banks must report cyber-attacks to a central element – such as the Bank of Israel – without being exposed.

Yet keeping a major attack on a bank under wraps would harm the entire banking system, leading the National Cyber Directorate to pass regulation ordering banks to share details of attacks.

The Directorate sets the standards, defining the minimum bottom line of defense for all critical infrastructure and private sector companies. They must buy or develop systems that meet the defined standard.

The regulation applies to hospitals, transport, or agriculture – a successful attack on any of them could be catastrophic on a national level. Imagine what a country’s road system might look like if its traffic light computer network is infiltrated.

As time goes by, the effort to raise security standards is becoming more effective, thanks in part to the fact that cyber security has become a recognized profession in academia, just like computer science, math, and electrical engineering.

With this in mind, one of the Directorate’s goals is to create an ecosystem that promotes national cyber security, and it has done just that in the Negev city of Beersheba.

A state lacking a cyber defense ecosystem will continue to purchase individual products, much like an enterprise desperate to defend itself but always remaining a step behind.

To overcome this challenge, a national program is essential, complete with state budgets and resources, as well as the need to draw in private industry firms and state-owned companies.

The Directorate’s job is to define what the state wants and needs in the world of cyber defense, and then to set up the ecosystem to realize this vision.

To its credit, the State of Israel has created just such an ecosystem. Beginning in 2012, when Prime Minister Benjamin Netanyahu declared that cyber security is not just a challenge but also a major opportunity, the government earmarked Beersheba as the location of the new ecosystem.

The fact that the IDF is moving south to the city, creating training, intelligence, and other key campuses, sparked the idea of creating a new cyber security hotspot as well.

To achieve this vision, the Ben Gurion University of the Negev took on the role of academic anchor for the new initiative, training cyber security professionals. Deutsche Telekom, an enormous telecommunications company, set up a research center at the university’s campus dedicated to cyber security. The Soroka Medical Center hospital joined forces as well.

Then, a high-speed rail line linking the city to central Israel was established.

From this stage on, groups of entrepreneurs began setting up shop at Beersheba’s hi-tech park. They were soon joined by large tech companies, and real estate in parts of this desert city rose by 70 percent.

At this same park, the National Cyber Security Directorate set up its Cyber Emergency Response Team (CERT), made up of groups of responders who kick into action in the event of major cyber-attacks. CERT provides key backing for the finance, transport, and critical infrastructure fields.  

The Shin Bet runs a superb cyber defense unit that developed a range of top line defense systems before the Directorate was established and took over many of its national cyber roles.  The Shin Bet remains responsible for preventing terrorist activity in the cyber domain, as well as tackling foreign political subversion, using the most cutting-edge technology.

It is not enough to create an ecosystem – recruiting skilled cyber defenders must start at the high school level. Israel is one of just two states in the world that has cyber defense as a high school matriculation subject.  

Ultimately, only a holistic approach can prevent chaos when it comes to cyber security. For states, this means a national cyber system, which acts as both the regulator, and as the body that writes the field manual on cyber security.


Brigadier General Doron Tamir had a distinguished military career spanning over 2 decades in the Intelligence Corps and Special Forces - as the Chief Intelligence Officer in the Israeli military, where he commanded numerous military units in all aspects of the intelligence field, from signal, visual, and human intelligence, through technology and cyber, to combat and special operations.