Israel and the Cyber Threat: How the Startup Nation Became a Global Cyber Power, by Charles D. Freilich
Israel and the Cyber Threat
Published in the United States of America by Oxford University Press 198 Madison Avenue, New
York, NY 10016, United States of America.
All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or
transmitted, in any form or by any means, without the prior permission in writing of Oxford
University Press, or as expressly permitted by law, by license, or under terms agreed with the
appropriate reproduction rights organization. Inquiries concerning reproduction outside the scope of
the above should be sent to the Rights Department, Oxford University Press, at the address above.
You must not circulate this work in any other form and you must impose this same condition on any
acquirer.
DOI: 10.1093/oso/9780197677711.001.0001
CONTENTS
Introduction
Figures
I.1 Malware Peaks and Political Developments
I.2 Metcalfe’s Law
1.1 Cyber Threats by Motivation
7.1 Cyber Decision Timeline
10.1 Israel’s Cyber System
Table
7.1 The Concept of Operations
Maps
6.1 Israel (1967 Borders)
6.2 The Middle East in Context
ACKNOWLEDGMENTS
AI Artificial Intelligence
APT Advanced Persistent Threat
ATP Advanced Technology Park
CBM Confidence Building Measure
CEC Cyber Education Center
CERT Computer Emergency Response Team
CNA Computer Network Attacks (for purposes of disruption or destruction)
CNE Computer Network Exploitation (cyber espionage)
CNI Computer Network Influence (cyber information operations)
CT Counterterrorism
CWC Chemical Weapons Convention
DDoS Distributed Denial of Service attacks
DMP Decision-Making Process
DoD (US) Department of Defense
DoS Denial of Service attacks
GUCD Governmental Unit for Cyber Defense
IAF Israel Air Force
ICT Information Communications Technology
IIA Israel Innovation Authority
IISS International Institute for Strategic Studies
INCD Israel National Cyber Directorate
INSC Israel National Security Council
INSS Institute for National Security Studies
IoT Internet of Things
IRGC Iranian Revolutionary Guards Corps
ISA Israel Security Agency, also known as the Shin Bet or Shabak
JCPOA Joint Comprehensive Plan of Action (“Iran nuclear deal” 2015).
LOAC Law of Armed Conflict
MABAM campaign between the wars (Hebrew acronym)
MI Military Intelligence
MNC Multinational Corporation
MoD Ministry of Defense
MoU Memorandum of Understanding
NCSA National Cyber Security Authority
NCSC National Cyber Security Center
NISA National Information Security Authority
NIW (Iranian) National information network
NPT Nonproliferation Treaty
NSA (US) National Security Agency
NSC (US) National Security Council
NSS National Security Staff (new name for INSC above)
SOC Security Operations Center
UAE United Arab Emirates
PROLOGUE
It was a quiet summer evening when the first signs of trouble appeared.
Some people in Tel Aviv were already strolling on the beachfront
promenade, others were still caught in rush hour traffic. Suddenly, traffic
lights went out and within minutes central Israel became one big snarl. In
Jerusalem, an ambulance with a patient in cardiac arrest was unable to
reach Hadassah hospital. The radar at Ben-Gurion Airport went blank and
aircraft had to be diverted to Cyprus.
Soon electricity began sputtering around the country. Air conditioners
and computers shut off, and hot and increasingly irritable people began
wondering what was going on. Young techies at Microsoft, Facebook, and
other high-tech firms were particularly exasperated. In Dimona, the usually
well-lit security fence around the nuclear reactor was shrouded in darkness.
Banking services crashed, and many found that their accounts and
investment portfolios registered a zero balance. TV programs were
disrupted, but soon showed images of Israelis killed in terrorist attacks.
Social media were overwhelmed by vicious propaganda messages, and
phone communications collapsed.
It was then that a barrage of Hezbollah rockets began hitting population
centers, airbases, and other major military targets. Some people noticed
that Iron Dome, Israel’s vaunted anti-rocket system, seemed to be missing
its targets. Unbeknown to them, Iron Dome operators were frantically
trying to recalibrate their unresponsive computers. An air force pilot
reported seeing extensive troop movements along the northern border, but
monitoring systems gave no indication thereof.
Tensions had been building for months. Iran was closer than ever to a
nuclear breakout and now had a forward operating base in Syria from
which to attack Israel, in addition to the 130,000 Hezbollah rockets housed
in Lebanon.
Over the next few days, the IDF mobilized reserves. Many never received
the messages sent to their smartphones. Others did, but were caught in the
never-ending traffic. By the time their units were able to fully mobilize and
reach the front . . . .
This account is based on actual events and IDF training scenarios, with
just a little help from our imaginations.1
Introduction
Israel has the world’s most tech-dependent economy and is a global leader
in high-tech R&D and startups, per capita. Israel has also come to be a
leading cyber power, home to as many cyber startups as the rest of the
world combined, not including the United States. Israel is also widely
considered a leading actor in both defensive and offensive cyber
capabilities, and its overall cyber prowess has become an important
component of its national security. As such, the cyber realm has come to
constitute a truly remarkable boon for Israel and a critical dimension of
every aspect of its national life today—socioeconomic, cultural,
governmental, diplomatic, and military.
For Israel’s enemies, conversely, its dependence on the cyber realm is
also a potential source of weakness, making it more vulnerable to cyber
attack than they and providing a possible means by which to counter
Israel’s economic power and military superiority.1 Israel has thus become
one of the top targets of cyber attacks in the world today, facing a nearly
constant daily barrage, both by state and nonstate actors. Indeed, cyber
attacks have come to be viewed as one of the primary threats that Israel
faces today.2
Attackers have targeted virtually every type of computer system in Israel,
including hospitals, the El Al airline, the Tel Aviv Stock Exchange, the Bank of
Israel, and television stations, to mention just a few.3 Critical infrastructure firms,
providing electricity, water, communications, and more, have been a
particular focus of attack. The Israel Electric Corporation (IEC) alone
typically faces hundreds of thousands of attacks every day. Most are mere
nuisances and easily deflected, but some are sophisticated efforts to disable
its systems. A successful cyber attack on the IEC could disrupt power to
virtually all of Israel and paralyze the nation, with potentially severe civil
and military consequences. In 2020, a cyber attack on Israel’s water system
was detected before dangerous levels of chlorine could be released into the
national supply.4
Most of the known attacks are against purely civilian targets and are
designed simply to cause disruption and hardship. Some are conducted
without any stated political agenda or set of demands and are offshoots of
wider campaigns aimed at undermining Israel’s international standing,
weakening it physically, and undermining its societal resilience. For years,
on the eve of Holocaust Remembrance Day “hacktivist” groups have
conducted a coordinated annual series of cyber attacks against Israeli
websites. One such group has repeatedly threatened Israel with an
“electronic Holocaust” and of being “erased” from cyberspace.5
In 2019 foreign hackers almost succeeded in inserting fake video footage,
purporting to show rockets raining down on Tel Aviv, into the televised
broadcast of the Eurovision Song Contest, an annual musical extravaganza
held that year in Israel and viewed live by hundreds of millions of people
around the world. In 2020 hackers from Iran, China, North Korea, Russia,
and Poland launched more than 800 cyber attacks against Ben-Gurion
airport and approaching aircraft, to disrupt the arrival of more than 60 world
leaders attending a commemoration of the 75th anniversary of the liberation
of Auschwitz, including the presidents of Russia and France and the US
vice president. In 2022 hackers sought to disrupt President Zelenskyy’s live
address to the Knesset, at the height of Ukraine’s war with Russia.6 Had any
of these attacks succeeded, the damage to Israel’s image, tourist industry,
and commercial sector, as a whole, would have been severe.
Israel faces a myriad array of military threats and relies for its security on
a largely reservist army with exceedingly short mobilization times. A cyber
attack that successfully disrupted power, communications, or transportation
systems, even for a short period, could make a critical difference in times of
crisis or war. Even something as basic as shutting off traffic lights or
disrupting cellular communications could delay the mobilization of forces
and have a significant impact on military operations, not to mention the
chaos caused to the entire country. Attacks that successfully penetrated
command-and-control and intelligence systems, or even weapons systems,
could have an even more severe impact.
Iran, Hezbollah, and Hamas, unsurprisingly, are the primary sources of
cyber attacks against Israel. Iranian hackers reportedly targeted Israeli
nuclear scientists with “phishing” scams in an effort to gain access to
sensitive information.7 An Iranian-affiliated website succeeded in causing a
brief, but dangerous, spiral in tensions with Pakistan, based on an entirely
fabricated nuclear threat that Israel had supposedly made and a real nuclear
threat that Pakistan made in response.8
Iran, Hezbollah, and Hamas have apparently used Facebook and
messaging apps for purposes of terrorism against Israel.9 Palestinian Islamic
Jihad hacked the (unencrypted) communications of IDF drones operating
over Gaza, thereby gaining real-time intelligence that enabled it to better
hide its rockets from Israeli strikes.10 Hamas hackers, posing as attractive
Israeli women, enticed IDF soldiers into downloading fake dating sites onto
their smart phones. In so doing, they were able to gain control over the
soldiers’ phones, overhear the operational briefings they attended, or film
their bases and military positions. Even when the soldiers used secure land
lines for operational purposes, the infected phones continued to transmit
what they were saying.11
Cyber attacks against Israel do not only originate with its Middle Eastern
adversaries.12 Much like the United States and other democratic countries
today, Israel is also concerned about attempts to subvert its electoral system
and influence public opinion through cyber means.13 Russia and China and
their cyber espionage are a particular source of concern,14 as are even close
allies. During a high point in Israel’s ongoing conflict with Hamas in Gaza
and, even more importantly, at a time when Israel was preoccupied with the
danger of a possible Iranian nuclear breakout, US and British intelligence
reportedly tapped into live video feeds from Israeli aircraft, monitored
military operations in Gaza, and watched for a potential strike against Iran.15
Figure I.1 Malware Peaks and Political Developments. Source: Adapted from Kausch and Tabansky 2018.6
can also serve as an entry door for malicious cyber activity. It is thus hardly
surprising that the World Economic Forum has ranked large-scale breaches
of cyber security as one of the five most serious risks facing the world.26
The exponential power of information networks—and consequently of
information operations—is shown in Figure I.2. Whereas two telephones
are needed to make one connection, five telephones will make ten
connections, twelve will make sixty-six connections and so on.27
Between 2005 and 2019 more than 11.5 billion records containing
personal data, mostly of US citizens, such as email addresses and social
security numbers, were stolen in over 9,000 separate cyber attacks. During
2017–2019 alone, personal data was stolen from the accounts of nearly 140
million Facebook, 57 million Uber, 100 million Capital One, and 143
million Equifax users. Perhaps most embarrassingly, 400 million users of
the Adult Friend Finder, a casual sex site, were also compromised.28
One report estimated the cost of global cyber crime in 2018 at $600
billion, an increase of $100 billion over 2014, and forecast that it would
reach a whopping $6 trillion by 2021. US firms lose roughly $250 billion
each year as a result of cyber theft of intellectual property. The damage
from a successful cyber attack against just one of the operators of the US
electric grid has been estimated at anywhere between $240 billion and $1
trillion.29
Ransomware attacks, in which the target is forced to pay a fee in
exchange for a digital key that unfreezes a maliciously encrypted system,
have become one of the most important forms of cyber crime, and one
which is increasingly viewed as a national security threat. In 2020 global
ransomware attacks nearly doubled. In 2021 they took place in the United
States alone, on average, every eight minutes. Russian groups are believed
to be behind most ransomware attacks to date, although direct governmental
complicity has yet to be fully established.30
Various state actors, including Russia and Iran, have planted, or at least
planned, intrusions on the US electric grid, as the United States has on
theirs, or China has on India’s.31 In 2021, the computer systems of a water
treatment facility in Florida were breached, raising fears that dangerous
chemicals could have been released into the water supply.32 These and other
attacks on critical national infrastructure, with potentially systemic effects,
are a particularly severe danger.
In 2020 hackers sought to steal information about Covid-19 vaccine
research in the United States, UK, Canada, and elsewhere.
Chinese-affiliated attacks apparently began within months of the pandemic’s
outbreak, followed by Russian and North Korean attacks. Spear-phishing
emails impersonated executives at legitimate firms involved in the global
vaccine distribution chain, as well as representatives of the World Health
Organization (WHO) and personnel recruiters for pharmaceutical
companies. Confidential information regarding the Pfizer vaccine was
stolen from the European Medicines Agency, the regulatory agency