The Double-Edged Sword of Cyber Warfare

Recently the Israeli army formally recognized cyber weapons as a fourth dimension of warfare, alongside land, air and sea, the defense minister sang the praises of digital weapons, saying that they can attack and conquer enemy assets without leaving a trace.

 “Cyberspace enables the attack of another nation state in offensive action, even reaching victory without leaving any fingerprints, even if it is suspected,” Defense Minister Moshe Ya’alon said at the fifth annual Cyber Security Conference at Tel Aviv University, according to a conference statement. “We are already there; we are not talking about some distant future. We have experienced this in Israel’s day-to-day actions against its enemies.”

The reference to offensive action was somewhat rare and it came just two weeks after Israel was fingered as a suspect in a cyberattack against participants in the nuclear negotiations with Iran.

On June 10 the Russian cybersecurity firm Kaspersky Lab ZAO asserted that it had been hacked and that the spyware smuggled into its own system had also been used to target three luxury European hotels, each of which hosted officials taking part in the international nuke talks.

The viruses, the Wall Street Journal reported, enabled the attackers to operate microphones in the hotels and compress and steal video feeds.

While the new virus bore no overt links to Israel, the Journal wrote, it was so complex and borrowed so heavily from Duqu, a program believed to be Israeli, that it “could not have been created by anyone without access to the original Duqu source code,” Kaspersky asserted in its report. Former heads of Unit 8200, Israel’s NSA equivalent, and the Shin Bet shrugged at the accusation. Carmi Gillon, a former head of the Shin Bet security service, speaking at a panel on cyber and military affairs, described a Russian attempt to spy on Israel’s Moscow embassy in the 1950s. He said the KGB at the time dug a nearly mile-long tunnel under the building in order to insert listening devices. “The policy is the same policy, the targets are the same targets, only the tools have changed,” he said.

Others suggested that the old code had been made public and could have been copied and pasted by anyone.
Brig. Gen. (res) Pinchas Buchris, a former head of Unit 8200, said that, “cyber capability will change the world.” He and Brig. Gen. (res) Yair Cohen, another former 8200 commander, touched on the offensive benefits of cyberwarfare. Cohen said Israel should strive to replicate with cyberweapons its opening salvo of the Six Day War, in which the IAF destroyed 180 enemy jets in three hours.

Buchris suggested, for instance, that while Hezbollah’s “stupid” or unguided rockets were immune to cyberattacks, its guided missiles could be targeted with cyberweapons. “Yes, you can deal with that,” he said. In general, though, Cohen said that cyberwarfare “favors the weak and not the strong.” And Buchris likened the situation to a balloon. He said cyber protectors are forced to try to guard the balloon with their hands while the attackers need only to strike “with a pin.”

Gillon suggested that today a terror organization could take over a jet plane and “achieve something like 9-11″ without fielding any flesh and blood attackers. In terms of 21st century military threats, he said that cyber “is second only to nuclear weapons.”
Ya’alon noted that criminal cyber activity is so prevalent today that it surpasses drug-related crimes internationally, but said that Israel has invested in protection and development to the point of being “a superpower.”

Ein News

 

« FBI Alert: CryptoWall Ransomware Damage $18 Million
The Dangers Of Internet-of-Things In Healthcare »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Assure Technical

Assure Technical

Assure Technical offers a holistic approach to Technical Security. Our expertise and services span across the Physical, Cyber and Counter Surveillance domains.

Snort

Snort

Snort is an open source intrusion prevention system capable of real-time traffic analysis and packet logging.

AON

AON

Aon is a leading global provider of risk management (including cyber), insurance and reinsurance brokerage, human resources solutions and outsourcing services.

Q-CERT

Q-CERT

Q-CERT is the National Computer Security Emergency Team of Qatar.

ManagedMethods

ManagedMethods

ManageMethods Cloud Access Monitor is the only Cloud Access Security Broker (CASB) that can be deployed in minutes, with no special training, and with no impact on users or networks.

Ambersail

Ambersail

Ambersail provide Penetration Testing and Cyber Security Compliance services.

Akheros

Akheros

Akheros develops cybersecurity learning algorithms which anticipate, detect and prevent offensive and incongruous behaviors of M2M interactions.

MailXaminer

MailXaminer

MailXaminer is an advance and powerful email investigation platform that scans digital data, performs analysis, reports on findings and preserves them in a court validated format.

ShieldIOT

ShieldIOT

ShieldIOT delivers a complete AI-powered security solution across any IoT device, application and network.

Thrive

Thrive

Thrive delivers the experience, resources, and expertise needed to create a comprehensive cyber security plan that covers your vital data, SaaS applications, end users, and critical infrastructure.

Dataprise

Dataprise

Dataprise is a leading IT managed services provider offering IT Management and Help Desk Support Services, Cloud Services, Information Security Solution, IT Strategy and Consulting.

AArete

AArete

AArete is a global management and technology consulting firm specializing in strategic profitability improvement, digital transformation, and advisory services.

CyberSanctus

CyberSanctus

CyberSanctus provide clients with a variety of pentest plans from the entry level starter plan, which is tailored for personal websites, to enterprise level pentests, tailored for large scale business

NPCERT

NPCERT

NPCERT is a team of Information Security experts formed to address the urgent need for the protection of national information and growing cybersecurity threat in Nepal.

Oxygen Technologies

Oxygen Technologies

Oxygen Technologies is a business systems strategy and integration company offering a variety of solutions to give our clients ways to work smarter not harder.

Aspire Technology Solutions

Aspire Technology Solutions

Aspire is an award-winning IT Managed Service and Cyber Security Provider. We specialise in cyber security, cloud, connectivity, managed services, unified communications and IT support.