Share these talks and lectures with your colleagues
Invite colleaguesPractice paper
Cyber security developments in Israel
Journal of Data Protection & Privacy,
2
(1),
83-90
(2018)
Abstract
Since the early 1990s, the State of Israel, ‘The Start-Up Nation’, has maintained its position as a leading powerhouse for cyber security innovation. It has been providing novel solutions, which have enhanced the robustness, resilience and security of other nations and organisations around the world, making a global impact that is non-proportional to Israel’s material size. As of today, Israeli solutions are more prevalent than ever before, protecting billions of people, sustaining the continuous supply of vital services, safeguarding governments and economic infrastructure, and ensuring the security and safety of business and individuals across the globe. The Israeli cyber security industry — relying on its skilled and creative human capital and empowered by long-standing government support and a unique synergy with the world-renowned Israeli academia — has been a key component of the local vibrant security-oriented ‘ecosystem’. It is a prosperous ground where cyber security exceptionalism and excellence can flow and thrive. As such, Israel serves as a global incubator for corporations and individual entrepreneurs alike; those that seek to tap into and embrace Israel’s unique culture, which cultivates entrepreneurship, fosters ingenuity and celebrates the audacity to undermine conventional thinking. When one reviews the ‘Six cyber threats to really worry about’ in the MIT Technology Review and focusing on the ‘ransomware in the cloud’ and the ‘cyber-physical attacks’ options, something is missing — the attacks are sure to happen, but how will they spread out? What is the most likely attack vehicle? As cyber security products are becoming better and more sophisticated, a potential attacker needs to take into account the multiple barriers that they will encounter when trying to launch a cyberattack on a certain enterprise. The attacker, though, has one great advantage; in most cases, they can run a full model of the cyber-security scheme that they will be facing. The cyber specialists that work for a cybercrime organisation live among us; they dig into the same WikiLeaks information, and take part in various conferences and expos. A resourceful cybercrime organisation can set up a complete model of their targeted victim and sandbox their attack. A resourceful attacker will not use ‘plain’ statistical attacks such as a ransomware campaign, knowing that if they target a bank or insurance company, it is most likely that they are well protected against those ‘standard’ attacks (assuming that they follow best practices for cyber security). The attacker may decide to attack an enterprise by using a counter-artificial intelligence (AI) methodology that can outwit existing AI detection algorithms. Another great attack vehicle would be through the use of manipulated hardware or firmware introduced into the organisation through an internal abuser or supply chain. As some cybercrime organisations still ‘support’ legacy crime activities, such as a silent penetration into a facility, obtaining employee extortion and basic human manipulation, ‘qualifications’ that resonate well with their goal of physical penetration into the organisation. In addition, as the use of cloud-based services becomes even more frequent, the cloud vendors themselves become the ultimate prize — the Holy Grail — if you can gain access to a regional data centre and access the data running in it, substantial gain awaits you. The cloud vendors are considered state-level targets as well, owing to fact that cloud vendors heavily guard their data; a ‘promising’ attack would be to tape-out a manipulated chip (ie, a serial peripheral interface [SPI] bus controller) that will ‘find’ its way to the motherboard later when assembled in a server supplied to a cloud vendor. This paper will familiarise the reader with Israel’s cyber security scene and its specific strong points. An analysis of 2017’s cyber security incidents will be conducted, upon which an analysis of the forecast for 2018 will try to predict what to expect in 2018. Various startup companies in Israel can shed some light of what are perceived to be the next threats.
Keywords: Israel; cyber security; startup nation; Internet of Things (IoT); supply chain attacks; internal abusers; manipulated hardware
The full article is available to subscribers to the journal.
Author's Biography
Bentsi Ben-Atar After graduating from Tel Aviv University with a BSc in electrical engineering, Bentsi joined the technology unit of the Israeli Army Intelligence Corps (Unit 8200), where he was responsible for the development and deployment of critical communication and signals intelligence (SIGINT) systems. Bentsi was recognised by the unit for his exceptional work and was awarded several innovation awards for his leading role in the development and deployment of a classified system. During his service, he earned his MBA at Tel Aviv University. In 1998, Bentsi co-founded WebSilicon, which specialised in delivering advanced networking and security systems. As vice president of product development, Bentsi was responsible for the transition of the company from projects to products, product and platform definitions, and strategic development of future activities. In 2006, Bentsi became responsible for expanding into the government, intelligence and security markets, adapting existing technology for these markets. In 2013, WebSilicon was acquired by Magal (NASDAQ: MAGS), one of the world’s largest physical security integration companies. After the acquisition, Bentsi was appointed vice president of signals intelligence (SIGINT) solutions and was responsible for the development of cellular security products for the company. In this role, Bentsi designed several unique products that protect critical sites from the expanding threat of broad cellular International Mobile Subscriber Identity (IMSI) attacks and rogue Base Transceiver Station (BTS), as well as a revolutionary passive cellular detection system. Bentsi is recognised as an industry leader in the fields of rogue and covert wireless communication device detection, unique embedded systems implementation and innovative interception solutions. Bentsi is taking part in the next big challenge of cyber security — internal abusers and supply chain attacks that are targeting organisations through the use of manipulated hardware and firmware taking advantage of the widespread Internet of Things (IoT). Bentsi is also taking part in the Cyber Security Sub-Committee for the Next Generation automatic teller machines (ATMs), as part of his involvement in the ATM Industry Association (ATMIA) and the Cyber Defense Alliance (CDA) in the UK.
