The Double-Edged Sword of Cyber Warfare

Recently the Israeli army formally recognized cyber weapons as a fourth dimension of warfare, alongside land, air and sea, the defense minister sang the praises of digital weapons, saying that they can attack and conquer enemy assets without leaving a trace.

 “Cyberspace enables the attack of another nation state in offensive action, even reaching victory without leaving any fingerprints, even if it is suspected,” Defense Minister Moshe Ya’alon said at the fifth annual Cyber Security Conference at Tel Aviv University, according to a conference statement. “We are already there; we are not talking about some distant future. We have experienced this in Israel’s day-to-day actions against its enemies.”

The reference to offensive action was somewhat rare and it came just two weeks after Israel was fingered as a suspect in a cyberattack against participants in the nuclear negotiations with Iran.

On June 10 the Russian cybersecurity firm Kaspersky Lab ZAO asserted that it had been hacked and that the spyware smuggled into its own system had also been used to target three luxury European hotels, each of which hosted officials taking part in the international nuke talks.

The viruses, the Wall Street Journal reported, enabled the attackers to operate microphones in the hotels and compress and steal video feeds.

While the new virus bore no overt links to Israel, the Journal wrote, it was so complex and borrowed so heavily from Duqu, a program believed to be Israeli, that it “could not have been created by anyone without access to the original Duqu source code,” Kaspersky asserted in its report. Former heads of Unit 8200, Israel’s NSA equivalent, and the Shin Bet shrugged at the accusation. Carmi Gillon, a former head of the Shin Bet security service, speaking at a panel on cyber and military affairs, described a Russian attempt to spy on Israel’s Moscow embassy in the 1950s. He said the KGB at the time dug a nearly mile-long tunnel under the building in order to insert listening devices. “The policy is the same policy, the targets are the same targets, only the tools have changed,” he said.

Others suggested that the old code had been made public and could have been copied and pasted by anyone.
Brig. Gen. (res) Pinchas Buchris, a former head of Unit 8200, said that, “cyber capability will change the world.” He and Brig. Gen. (res) Yair Cohen, another former 8200 commander, touched on the offensive benefits of cyberwarfare. Cohen said Israel should strive to replicate with cyberweapons its opening salvo of the Six Day War, in which the IAF destroyed 180 enemy jets in three hours.

Buchris suggested, for instance, that while Hezbollah’s “stupid” or unguided rockets were immune to cyberattacks, its guided missiles could be targeted with cyberweapons. “Yes, you can deal with that,” he said. In general, though, Cohen said that cyberwarfare “favors the weak and not the strong.” And Buchris likened the situation to a balloon. He said cyber protectors are forced to try to guard the balloon with their hands while the attackers need only to strike “with a pin.”

Gillon suggested that today a terror organization could take over a jet plane and “achieve something like 9-11″ without fielding any flesh and blood attackers. In terms of 21st century military threats, he said that cyber “is second only to nuclear weapons.”
Ya’alon noted that criminal cyber activity is so prevalent today that it surpasses drug-related crimes internationally, but said that Israel has invested in protection and development to the point of being “a superpower.”

Ein News

 

« FBI Alert: CryptoWall Ransomware Damage $18 Million
The Dangers Of Internet-of-Things In Healthcare »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Redscan Cyber Security

Redscan Cyber Security

Redscan Cyber Security is a Managed Security Services Provider (MSSP) that enables businesses to effectively manage their information security risks.

Howden Broking Group

Howden Broking Group

Howden provides a range of specialist insurance solutions to clients around the world including Cyber Liability insurance.

Nation-E

Nation-E

Nation-E offers innovative cyber security solutions for industrial installations, critical infrastructure and smart grids.

ENEA Qosmos Division

ENEA Qosmos Division

Qosmos, a division of Enea, leads the market for IP traffic classification and network intelligence technology used in physical, SDN and NFV architectures.

BEAM Teknoloji

BEAM Teknoloji

BEAM Technology is an independent Software Quality and Security Testing Center in Turkey.

GoCyber

GoCyber

GoCyber is a new, highly innovative cyber security training app that uses action based learning to significantly improve the online behaviour of all employees in less than a month.

Orca Security

Orca Security

Orca Security delivers full stack visibility including prioritized alerts to vulnerabilities, compromises, misconfigurations, and more across your entire inventory on all your cloud accounts.

Redwall Technologies

Redwall Technologies

Redwall provides cybersecurity expertise and technology to prevent and respond to emerging threats against mobile applications and connected infrastructures.

Security Weaver

Security Weaver

Security Weaver is a leading provider of governance, risk and compliance management (GRCM) software.

Consistec Engineering & Consulting

Consistec Engineering & Consulting

Consistec Engineering & Consulting GmbH is an information technology and services company offering solutions for monitoring the security of IT and OT infrastructure.

Cubro Network Visibility

Cubro Network Visibility

Cubro network visibility solutions remove network monitoring ‘blind spots’ to provide enhanced visibility and control of all data transiting a company’s network.

Com Olho

Com Olho

Com Olho provides the measurement, analytics, quality assurance, and fraud protection technologies brands need for their business and customers.

Binarly

Binarly

Binarly has developed an AI-powered platform to protect devices against emerging firmware threats.

Buchanan Technologies

Buchanan Technologies

Buchanan Technologies is a leading IT consulting and outsourcing services firm. Our methodology transforms everyday technology investments into streamlined, secure and scalable solutions.

VP Techno Labs

VP Techno Labs

VP Techno Labs is an award-winning cybersecurity firm focusing only cybersecurity to develop cutting edge solutions for emerging business.

Acumenis

Acumenis

At Acumenis, we help organisations of all sizes to manage information security effectively. Our key services are penetration testing, ISO 27001 implementations, and security