It was easy to miss amid the noise and bustle at the Cybertech 2017 exhibition in Tel Aviv last week — a desk decked with a blue cloth and a scattering of brochures and comic books, among them Marvel Comics’ Doctor Spectrum.
Perhaps the not-so-subtle hint should have been the Israeli flag on display and the blue and white national symbols printed on the panel behind, portraying a menorah circled by the Hebrew words: “Where there is no guidance, a nation falls, but in an abundance of counselors there is safety.”
Those are the symbols and motto of the Mossad, the Israeli intelligence agency, which for the first time this year took part in the annual exhibition of cyber technologies.
Israel’s Shin Bet security agency, known locally as the Shabak, also had a stand at the event, for the second year running, and an “escape room bus” with analytic puzzles to challenge players. Workers at the stands declined to have their photo taken or talk with the press.
The participation of these agencies at the exhibition is perhaps the most telling sign that the tech community worldwide is beginning to realize that to fight increasingly daring hackers, collaboration is needed between countries, industries and yes, hush-hush agencies too.
The war for cybersecurity “has brought the Mossad and the Shabak out,” because they understand that there is a need to cooperate with the industry, said Haim Tomer and Erez Kreiner, two former officials at the Mossad and the Shin Bet, respectively, in a briefing with journalists on the sidelines of the conference.
Kreiner is a former director of the Shin Bet’s information security, who for 35 years helped foil cyberattacks on Israel. Tomer is a former Mossad chief of intelligence and operations. Both men today are private cybersecurity consultants.
Cybersecurity accounts for some 25 percent of the Shin Bet’s workforce today, an official at the agency said, speaking on condition of anonymity. Its presence at the exhibition was geared both to increase cooperation with the industry and enroll new workers in its forces.
The Mossad stand too had enrollment forms, which interested participants could fill out on the spot. The form laconically asked for details about applicants’ age and army service, the languages they spoke, where they are currently employed and what kind of jobs they are interested in: HQ, intelligence, technological, or operational.
Greater digitalization means greater vulnerability
As the world moves toward greater digitalization and more devices get connected to each other, individuals, companies and organizations become more vulnerable to cyberattacks.
Vulnerabilities in computer systems in 2015 and the threat from hackers reached the highest level since 2000, according to Cisco Systems’ annual security report. There has been unprecedented growth in the sophistication of the attacks, with every large company it monitored becoming a target for malicious traffic, the report noted.
“Things are moving faster than anyone realizes, we are going through the most significant tech transformation we have seen and will probably see in our lifetime,” said Cisco CEO Chuck Robbins at the Cybertech conference. “2016 was a massive inflection point for the next wave of connectivity.”
As digital connections grow, so does the exposure to attacks, leading to greater sophistication as well, he added. According to Robbins, the world must “get on top” of cybersecurity, to ensure that technology will indeed be able to fulfill its mission of making the world a better place.
“We have to deploy security everywhere and it must be simple to use,” he said, adding that companies, states and industries must share the threat info and give customers and cities the ability to act rapidly, and quickly to deploy defenses. Such defenses should be rolled out in an “integrated way” and the industry “must collaborate,” he said. When it comes to cyberattacks, “the security community leaves competitiveness at the door.”
At the end of 2015 hackers shut down power in Ukraine. In February 2016 more than $80 million was stolen from Bangladesh’s account at the Federal Reserve Bank of New York, and US intelligence services have blamed Russia for hacking attacks during the 2016 presidential election campaign.
Criminal purposes, fraud and gathering intelligence on business competitors are often the reason behind hacks, said Tomer, the former Mossad official. But the hacks that create pure mayhem — like shutting down a city’s electricity, or the 2012 breach of the computer system of Saudi Aramco, Saudi Arabia’s national oil company — reveal a scarier agenda at play.
Hackers “are testing their capabilities, checking out what they can do already now in an effort to do better and bigger things in future,” said Tomer.
To fight that war, there must be more cooperation between the “good guys”, he said. “Cooperation between states is not good enough, vis-à-vis the challenges ahead,” as countries are still possessive about their secrets and technological edge.
Heavier defenses need to be deployed in industries, and government agencies and regulation must be updated to keep in pace with technological developments, which will allow and enable enforcers to take action against criminals once they are identified, Tomer and Kreiner said.
“We are just at the beginning of the cyberwar,” said Kreiner, adding that what the world is witnessing today is just the tip of the iceberg of what can be expected in the future.
Prime Minister Benjamin Netanyahu said during the conference that he intends to raise cybersecurity cooperation with US President Donald Trump during his visit to Washington later this month.
Israel and the US, the leading players in the fight for cybersecurity, should join forces, he said. “What you see today is going to get a lot worse in the future if we don’t band together.”