A conference on cyber warfare in Tel Aviv reveals Israel's weaknesses—but a strategy to solve them is already in hand.MIT TECHNOLOGY REVIEW Wednesday, June 15, 2011
By Matthew Kalman
The outgoing head of Israel's internal security service Shin Bet and the head of the country's cyber task force, among others, warned at a conference on cyber warfare at Tel Aviv University last week that strategic Israeli installations are essentially unguarded against cyber attack.
Around the world, a series of high-profile security breaches have afflicted major government and commercial institutions in recent weeks, including the Pentagon, Lockheed Martin, Sony, and Citibank. Earlier this month, hackers compromised the computer systems at two Israeli diplomatic legations in the U.S. and put them out of service for several hours.
Last year, it was discovered that cyber warfare had broken new ground with the Stuxnet worm attack, which targeted the control systems of nuclear plants. The U.S. and Israel have been accused of designing the worm, which disabled the Iranian nuclear plant at Natanz by causing extreme temperature variations, and which went undetected for months, perhaps years. Several speakers at the conference referred to Stuxnet as a game changer because it brought cyber warfare into the realm of offensive acts against critical infrastructure. But there was no public acknowledgement or even hint that Israel was indeed responsible for the worm. Instead, discussion focused on the country's defense against cyber attack.
Israeli Prime Minister Benjamin Netanyahu told the conference, "The more computerized we get, the more vulnerable we become. There is therefore no choice but to deal with this in a more systematic and focused manner."
The outgoing Shin Bet chief, Yuval Diskin, blamed China for some recent computer security breaches around the world and said the Chinese government's cyber command now comprises "the largest number of hackers on earth." He said there was evidence that on April 8, 2010, China diverted 15 percent of U.S. Internet traffic through its routers. (He was referring to an incident described in the report of the Congressional U.S.-China Economic and Security Review Commission released last November. The attack lasted for 18 minutes and appears to have been a case of IP hijacking or BGP hijacking—the takeover of whole blocks of website addresses by corrupting Internet network routing.) Cyber warfare is already "an existing reality," he said.
Diskin asserted that Israeli networks critical to cell-phone communications, transport systems, finance, and the supply of electricity and water are all wide open to attack, and that this constitutes "a major threat to national security" because Israel, like all modern states, relies heavily on such systems to function normally.
In May 2011 the Israeli government appointed a National Cybernetic Taskforce led by Isaac Ben-Israel, a professor at Tel Aviv University, reserve major general, and former head of the Administration for the Development of Weapons and Technological Infrastructure at the Israeli Defense Ministry. The task force submitted a report last month that made a series of recommendations for defending Israel's strategic infrastructure from cyber attack.
The measures recommended include the establishment of a national cyber authority to oversee the protection of Israel's critical systems, the development of an Israeli research supercomputer, protocols to identify attacks in progress and repair any damage caused, and the creation of a simulation center to train and certify engineers who will specialize in system protection.
Ben-Israel told the conference that while Israeli military and intelligence networks are well protected, the country currently has "no defense for critical installations such as the electricity network." He warned, "You have systems that each one by itself is not critical, but someone who wants to attack Israel can attack three or four of these sub-critical systems in parallel and together will achieve the effect of paralyzing the country."
Ben-Israel also hinted that the government may be considering mounting an offense. "It's not enough to remain passive and defend yourself. You also have to do all sorts of things, but I won't talk about that," he said.
Danny Dolev, a professor at the Hebrew University of Jerusalem and a member of the task force, agreed that Israel's civilian computer systems are "wide open, a weak point." He said, "To defend Israel, we need to develop sensing of many things happening at once, which individually may seem unimportant but as soon as we look at their correlation, suddenly something happens."
Other experts urged the adoption of new kinds of security measures, observing that technologies such as the firewall, which identifies potentially malicious inbound network traffic, cannot guard against attacks by people or malicious programs already within an organization's security cordon.
Nimrod Kozlovski, an adjunct professor at Tel Aviv University and chairman of Altal Security, said current security protocols were based on the outdated concept of "trusted" and "untrusted" people trying to access a system. But today's threats may come from a "trusted" person within the system—like Bradley Manning, who is accused of downloading thousands of U.S. diplomatic cables and passing them to WikiLeaks.
William Beer, director of the OneSecurity Practice at PricewaterhouseCoopers London and an adviser to the British government, said, "The current approach to cyber security is failing. People engaged in securing cyberspace face the challenge of continuing to raise their game faster than the attackers."