Israel, the powerhouse of cybersecurity, remains open to hackers
In recent years, Israel has prided itself on becoming a cyber defense superpower, including calling the southern city of Beersheba “Israel’s cyber capital”. But even so, outside hackers continue to target Israeli institutions and organizations.
On August 31, for example, a computer intrusion occurred against the websites of the ports of Haifa, Eilat and Jaffa and the tourist site of Old Acre. Some reports claimed they were Iranian hackers, but the Iraqi hacker group Al-tahrea claimed responsibility. The removal of the website apparently had no impact on the activity of the ports themselves, but it served as a warning to port operators and local authorities in the region.
In early September, hackers broke into the Or Akiva sewer system and exposed the system’s vulnerability.
The chairman of the Federation of Local Authorities’ CEO forum, Doron Milberg, warned yesterday that the next attempts could put lives at risk. “We must prepare immediately and operationally for cyberattacks against local communities. Don’t wait, prepare for an attack on your systems today, because if there is an attack, we will be blamed. When lives are lost, we will be criminally responsible. We all have a ton of work to do, but give top priority to defending our computer systems against cyberattacks,” Milberg said.
Milberg’s remarks came two days after a similar warning from Mossad chief David Barnea about Iranian and Iranian-sponsored terrorist activity.
Israel’s leadership in cyberspace is seen in the numbers. 16% of global cyber investments take place in Israel. In 2020, Israel’s cyber exports reached $6.85 billion and investment fundraising reached $2.9 billion. Last year, total investments amounted to $8.8 billion.
Yet Israel has recently experienced numerous computer intrusions that have led to data theft or leaks and the shutdown of physical and virtual services.
Hackers have hit organizations, businesses, and government entities in many areas, including: medical (Hillel-Yafeh Hospital), financial services (Shirbit Insurance Company), website storage (Cyberserve), transportation (the Airport Authority, the Metropolitan Mass Transit System, the Port of Haifa), government (government websites), education (Bar-Ilan University), defense industry (Israel Aerospace Industries) and even infrastructure critical (electricity, water, sewage). Iranian or Iranian-affiliated hackers claimed to have hacked into the email accounts and cellphones of senior Israeli officials.
Various groups, mostly identified as originating from Iran or supporting the regime, have claimed responsibility, usually under Telegram accounts. However, the Israeli-American computer security company Check Point says that the attribution to Iran is not certain in all these cases.
Computer intrusions have reached record highs in the past two years. Kaspersky has determined that in 2022 there was a 400% increase in attempts to steal passwords from Israelis, compared to a 25% increase worldwide. Check Point reported a 56% increase in Q3 2022.
Calcalist journalist Omer Kabir wrote last December: “Outside, start-ups and international-oriented companies offer the best, the best and safest products, creative solutions and innovative, the best people in the world. Internally, it’s third class. In a train. In India. In the 19th century.”
However, groups that experience cyber intrusions in Israel do not always report them to authorities or the public. Those that are reported usually become known because the abusers publicly take responsibility for them.
In many breaches, the human element emerges as the weakest link in the organizational information security chain, whether by misleading users or not strictly adhering to protocol.
In light of these issues, Israel must increase awareness of cyber threats and organizations must deepen their ability to successfully manage these threats. Institutions and organizations should strive to improve their preparedness for these events and their ability to manage them as they occur.
Additionally, experts warn that technology is not enough to address the threats facing organizations today. Israeli institutions and organizations must implement elements other than cyber defense in their systems: policies, psychology, proper legal structure, diplomacy, risk management and insurance against cyber risks.
The diplomatic dimension had a concrete demonstration last week when Albania announced that it was severing diplomatic relations with Iran after a cyberintrusion in July. A report by Microsoft’s intelligence threat researchers found the incident was linked to Iran’s attacks on Israel.