A Look Inside Israel’s Cyber City

By Stephen Rae

Chairman, International Fraud Prevention Conference

THE speed at which technology is transforming our lives from transport to banking to energy efficiency and healthcare is truly amazing.  It does come at a price – and that is the price of our privacy and security. Tech platforms collect various data for target advertising and even hackers seek out the service providers we use that have weak cybersecurity defences.As Information Technology (IT) increasingly becomes Operational Technology (OT) and the Internet of Things (IoT) becomes the Industrial Internet of Things (IIoT) it is absolutely critical that manufacturers, healthcare and energy providers have robust cyber defences to withstand hacking from criminal and State actors. In Ireland, we have witnessed a 2017 attack on our energy grid by a State actor testing our vulnerabilities, presumably looking at taking down electricity supply. A malicious cyber event on our grid could have a devastating impact on data storage and the operations of big tech. And as the European capital of Big Tech, it is reported that Ireland hold’s 35pc of all the EU’s data – which means cybersecurity in an Irish context has never been as important.

Ahead of International Fraud Prevention Conference 2020 in Dublin on March 11 where we will be discussing emerging cyber threats and how to combat them, I visited one of the world’s major locations leading the way in fighting State sponsored and criminal attacks. Beer Sheeva was once a small Bedouin town in the Negev desert in southern Israel dependant on agriculture. Now it’s Israel ‘Cyber City’, home to the military’s spy centre, the Cyber Israel security centre (overseeing all cyber monitoring apart from the military and intelligence) and a leading university educating the next generation of software engineers.

In a non-descript office park outside the city (think EastPoint or Sandyford without some of the glitzier buildings) lies the home of one Israel’s biggest exports – cyber tech. The Israeli government is giving cyber businesses who locate here 20pc of staff wages back in tax breaks. This has seen the likes of IBM, Dell, PwC and Deutsche Telekom and many others relocate their research teams here, with very close relations to the university. Employers also report that unlike a big city such as Tel Aviv the churn rate amongst experienced engineers is much lower. Of course being outside the scope of EU privacy laws may help too, I reckon!

One of the interesting encounters was with Oleg Brodt, the R&D Director of Cyber at the Ben Gurion University. Brodt described how they seek out youngsters in primary school who have the “cyber itch” and nurture them all the way up to and through college. While he didn’t say so, it is known that many then go on to join elite military units such as the IDF’s 8200 Cyber Department and after a few years many begin life as Start-Ups in this space. Brodt brought us through how a 17-year-old student was able to hack into the 3D printer for a drone and insert a code which ensured the drone design became flawed and after a few minutes the drone would drop out of the air. More frighteningly we heard about the threats of cyber attacks on our healthcare.

Brodt described how in 2018 clinics and hospitals were hit with numerous cyber attacks leading to significant data breaches and interruption to medical services. He maintains “our medical services are vulnerable.” He says “attackers can alter 3D scans to remove existing or inject non-existing medical conditions.” “An attacker may do this to remove a political candidate or leader, sabotage or falsify research, perform murder or terrorism or hold data ransom for money,” he said. To prove the point students tested hospital security – with the permission of one institution. The ease with which they did so is frightening. They walked into the hospital and while medical staff were busy, inserted a hacking device into a floor cable and within 40 seconds had breached the hospital mainframe. From the waiting room area they were able to change the CT scan of a patient “inserting” a tumour in the scan. They also “removed” a tumour from a scan – making it appear the patient was cancer free. Says Brodt their findings are that “using deep learning an attacker can fool expert radiologists and even state-of-the-art AI, 98pc of the time (in the case of lung cancer).” Similarly, hackers were able to change the blood type of a patient, which would have catastrophic consequences in the event of a transfusion.

A short walk down the street brings us to another non-descript building. We are at the command centre for Cyber Israel – otherwise known as Israel National Cyber Directorate – which runs its Security Operation Centres from Beer Sheeva. There are specialist SOCs for:

  • Financial Services
  • Telecommunications
  • Energy/Health/Environment
  • Transportation
  • Government

Cyber Israel is something like the National Cyber Security Centre in the UK and operates a ‘119’ Hotline where anyone can report a possible cyber incident. This allows the agency to get intelligence on the early stages of an attack and has allowed them to be ahead of major incidents such as the Wannacry event. “Because the private sector reported it to us in the early stages we were able to get a warning out to the private sector very quickly,” said a spokesperson.

The agency provides a free cyber security monitoring service for the financial services sector in Israel. Their “Tech Unit” looks at future threats in the areas of AI, IoT, 5G and how to deal with them, while the “Operational Unit” is the frontline group addressing current cyber events. On touring some of the SOCs it’s remarkable to see so many of the staff are young women in their early 20s who are on the frontline of Israel’s cyber defence. Says Yigal Unna, the head of Israel’s National Cyber Directorate: “The most immediate technological challenge confronting Israel is to protect artificial intelligence-based vehicles from being hacked.” “Artificial intelligence is the new battlefield that will accompany us in the near future,” Unna, formerly a senior official in the Shin Bet (Israel Security Agency). He says “the immediate challenge before us is artificial intelligence vs artificial intelligence (adversarial AI) – attempts to cause AI-based vehicles to act contrary to their programming in order to cause damage.” Unna also reported that the INCD and other Israeli agencies have blocked every single cyberattack on critical infrastructure in 2019.

“There have been zero successful cyber attacks on critical national infrastructures in the past year,” Unna claimed. In fact, during the visit here the local media reported that there were 700 attempts to hack into the systems controlling Tel Aviv airport as hackers tried to interrupt the flights of international leaders arriving for Holocaust Memorial ceremonies. Unna says that out of approximately 8,600 reports and alerts more than half (4,415) were received from the public and from organisations at the Beer Sheeba SOCs and the 119 Hotline. He says the other alerts came from detection systems. Around two thirds (3,233) of the reports from the public and organizations were verified after evaluation as attempted “cyber incidents” – attacks on a variety of computer systems. Of the reports that were seen as official cyber incidents, around half (48pc) were reports about intrusions, and 36pc were reported as attempts at information gathering, phishing or other attempts to compromise the potential victim’s system. The other reports dealt with vulnerabilities in computer systems (7pc), malware (5pc), availability of service (2pc), and authorisation (2pc). Clearly, surrounded by foes the Israeli cybersecurity abilities – and in some cases offensive capabilities – are a critical part of the country’s defence and economic infrastructure.

On a European context, however, what is most applicable and impressive is the model under which Cyber Israel operates  – a free hotline to report suspicious activity online, a free cyber defence capability for key infrastructures including financial services and energy, and a pipeline of technical expertise from the universities. Next up is an SOC for the aviation community.

Learn more on the Israeli model, cyber security, emerging threats, FinCrime Tech, AML and ABAC at https://internationalfraudprevention.com