“D.,” the head of one of the branches of the agency’s cyber division, is 37, married and a father of four. He served in the IDF as part of the hesder combined military/yeshiva program, studied computer science at Bar-Ilan University in Ramat Gan, worked at an international hi-tech company, and only then move to the Shin bet.
He says in an article in the conference magazine that part of what got him to join up was that “every incident involves the actual saving of human life. The immediate nature of the response and the feedback are highly notable.
“We do not have a strategic tool that sits idly by for two years, waiting to be employed. What we have here is an activity whose value and benefit are almost always immediate. Today we may write something, and by tomorrow it will encounter the enemy,” “D.” said.
Israeli cyber security capabilities are fascinating. This is only a small taste to whet the appetite, rather than a truly in-depth report.
“If Israel conducts a cyber attack against the Iranian nuclear program are we obligated to help them defend themselves against an Israel cyber attack?” Rubio asked Kerry.
Kerry didn’t exactly say no. He was, however, confident that Israel wouldn’t attempt a cyber attack on Iran without US help. By implication, relations between the US and Israel aren’t so damaged that Israel would launch such an attack without US help, meaning that if Israel did attempt to sabotage the Iranian nuclear program, it would be doing so in a world in which the nuclear agreement was no longer in effect.
“I don’t see any way possible that we would be in conflict with Israel with respect to what we might want to do there and we just have to wait until we get until that point,” Kerry said, cryptically — “that point” referring to a future time at which Israel believes it’s necessary to sabotage Iran’s nuclear program. It seems that at that juncture, the US would have to determine whose side to take.
Israel is considered to be an international cyber superpower, and is trying to brand itself accordingly. Check Point was founded by three newly released Israel Defense Forces veterans who specialized in information security. It was among the very first companies in the world to develop software to protect computer networking – including some of the earliest firewalls – and was a great success from almost the get-go. Many other Israeli companies were established in its wake, some by people who had previously worked for Check Point itself.
The information security market is estimated to be worth some $60 billion a year. Israel’s National Cyber Bureau in the Prime Minister’s Office estimates that Israeli companies hold a 10% share of the global information security market. Many firms whose operations were never historically in the security field are now expanding their presence into the industry. For example, Verint – whose main business was in intelligence systems for military and government institutions – decided to expand its operations in the cyber industry into civilian markets. Elbit Systems, which develops military systems, also established a subsidiary named Cyberbit, which has bought the cyber division of NICE Systems.
The growth of the cyber industry has attracted a huge number of investors. This demand led to the creation, last November, of the first Cyber Security exchange-traded fund (ETF), which tracks an index of 31 stocks. “The fund seeks to provide investment results that, before fees and expenses, correspond generally to the price and yield performance of the ISE Cyber Security Index,” states PureFunds, the company behind the ETF.
“I think the important thing is to better understand what is going to be important in the future,” Mr. Matania said in an interview. “Even those who are not there yet will be there in the coming years.”
Mr. Matania is in Washington meeting with business groups and policy makers as Israel tries to bolster coordination in the cybersecurity field and draw more investors. He held a meeting Tuesday morning at the U.S. Chamber of Commerce and said investors have poured $500 million into Israeli cybersecurity startups in the past few years.
“We see ourselves as a global cyber incubator,” he said.
Israel’s cybersecurity structure is different than in the U.S., as much of the authority is consolidated into Mr. Matania’s bureau. In the U.S., there are a number of agencies, often at odds, trying to develop cybersecurity policy. The White House has tried to push for more uniformity, particularly after Sony Pictures Entertainment was hacked last year. However, the process is still ongoing.
Mr. Matania’s role in Israel is expanding, as the country is creating a new National Cybersecurity Authority next year, and he will play a lead role in the agency’s development. He reports directly to Israeli Prime Minister Benjamin Netanyahu, giving him a senior role in the government.
Israel has always been a force to be reckoned with, both militarily and technologically. Their structural implementation of cyber security seems to have been done right, consolidating the authority into a single, highly focused, intelligent office, rather than spread out among multiple agencies like in the United States.
Waylon Grange, a researcher with the Blue Coat [PRJCBB.UL who discovered the campaign, said the vast majority of the hackers’ software was cobbled together from widely available tools, such as the remote-access Trojan called Poison Ivy.
The hackers were likely working on a budget and had no need to spend much on tailored code, Grange said, adding that most of their work appeared to have gone into so-called social engineering, or human trickery.
The hackers sent emails to various military addresses that purported to show breaking military news, or, in some cases, a clip featuring “Girls of the Israel Defense Forces.” Some of the emails included attachments that established “back doors” for future access by the hackers and modules that could download and run additional programs, according to Blue Coat.