Israel is exposed to the threat of a severe cyber attack, which could paralyze
ordinary life, a leading information security figure told The Jerusalem Post
this week. Nir Gaist is the 24-year-old chief technology officer and founder of
the Nyotron computer security firm, which is currently assisting state security
and economic agencies to protect themselves against the growing cyber
threat.
In a pleasant and calm voice, Gaist lays out the scope of the
disturbing danger as he sits at his company’s headquarters in
Herzliya.
“Cyber warfare is already here,” he says. “But in terms of the
damages, it hasn’t arrived yet.” The potential damage to the economy and other
sectors that lie at the heart of a functioning 21st-century state are “endless,”
Gaist adds.
It’s worth lending an ear to Gaist, as he has managed to
amaze the information security world on several occasions at his young
age.
Maj.-Gen. (res.) Amos Malka, former IDF head of Military
Intelligence and ex-chief of the Ground Forces, helped raise $3.5 million in
investment for Nyotron, which is releasing a security product called Paranoid –
a program that Gaist claims is capable of stopping a cyber attack on the level
of the Stuxnet virus, which caused havoc to Iran’s uranium enrichment site at
Natanz.
In recent weeks, Gaist invited a group of top hackers to his
office and promised them a respectable sum of money if they could penetrate his
defenses. “I’m glad to say that I didn’t have to pay,” he says.
When he
was six years old, Gaist set up a computer repair lab at Kibbutz Sde Nahum,
where he was born. At age 10, his elementary school teacher decided that it
would be a waste of time to force Gaist to study the fourthgrade curriculum, and
sent him to the Israel Institute of Technology in Haifa (the Technion) to study
advanced computer science with students more than twice his age.
Four
years later, at 14, Gaist found himself providing telephone consultations to
Microsoft founder Bill Gates and the company’s CEO Steve Balmer, giving them
tips in data protection. A year afterwards, he represented Microsoft at
international conferences.
Gaist has been a regular expert guest for the
Knesset’s science and technology committees.
He chooses his words
carefully, but the message he sends is troubling.
The more technology and
the Internet form the basis of our modern existence and allow vital state and
private sectors to function, the more the country is exposed to attackers on the
web with nefarious intentions.
The most dangerous cyber attacker is the
state actor, such as Iran. A country motivated by a hostile ideology will gain
access to resources and capabilities that the lone hacker can only dream
of.
Organized groups of non-state hackers also exist in this murky
world.
These hackers also have impressive capabilities. All of
the sectors are in the firing line: Transport and aviation, the banking
industry, the energy sector, communications, the government, security agencies,
the IDF and the police.
An example of the threat can be found in one past
virus that ended up preventing maps from being uploaded to cockpits of French
passenger jets, grounding the planes.
“There’s no doubt that the next war
will not be like the previous ones we’ve known,” Gaist says. “It will happen the
moment that a green light is given. Unlike a missile that is launched, it’ll be
hard to know who launched a cyber attack,” he adds.
Until now, Gaist
argues, despite incidents like Stuxnet in Iran and reported Chinese attacks in
the US, state actors have been cautious in their use of cyber weapons and have
taken care to refrain from major uses of them.
“Those who carried out the
attack on the nuclear facilities in Iran were also careful. The damage from a
cyber attack can be far wider in scope,” Gaist warns.
“Someone with
resources can take the gloves off. And not necessarily in one go, but over time,
in several areas. In this way, he could cut us all off from all of the
systems,” he adds.
“I don’t see a reason why the Iranians won’t make
progress. They have the know-how, and they choose young, gifted teenagers,” he
says.
On the one hand, there is growing awareness of the threat. The
state has begun investing resources in cyber defenses, such as the State
Authority for Securing Information, managed by the Shin Bet (Israel Security
Agency), the government’s National Cyber Defense Bureau and the IDF’s recently
set up cyber defense headquarters.
Gaist praises these developments, but
adds that many of the defenses are simply irrelevant to future
threats.
“There is no virtual Iron Dome,” he says, since many of the
defenses are built on known threats.
“The current evolution is good, but
it won’t bring a solution quickly enough. Fortunately, in recent years, this
issue has gotten on the national agenda. There’s no organization that does not
understand the size of the problem, and which isn’t searching for a solution.”
The threat does not only affect large organizations, Gaist stresses.
“As
a private individual, your entire identity, except your skin and bones, is
completely virtual. The money in your bank account is, at the end of the day,
just lines in a database. Your driver’s license, medical record – it’s all
virtual,” he says.
In the past, Gaist would check the defenses of
Internet service providers and banks. Once a year, he would attempt to penetrate
these systems and was amazed by how simple it was for him to get in and begin
transferring money to any account he chose.
“There is no bank in Israel I
haven’t broken into,” he says with a smile.
Thousands of cyber attacks
occur every month on these systems, but the real danger lies in the one attack
that gets through.
Some attacks, like distributed denial of service, are
simpler in nature and cause less severe damage. In DDOS attacks, computers
infected by a Trojan horse are directed to visit Internet sites selected by the
attacker as a target.
If enough requests are directed at a server, it
will crash temporarily.
The more serious type of attack occurs when
hackers gain access to computers and networks. Once access is gained, serious
damage can be caused. The attacker can steal sensitive information, alter
specifications in a way that causes a disaster or use the computer as the
perfect spy, switching on its microphone and camera to eavesdrop on
conversations in sensitive installations or government offices.
Last
year, according to foreign reports, Iran suffered from a wave of viruses that allowed an attacker to listen
to conversations taking place in the vicinity of the infected
computer.
Often, when a traditional anti-virus program identifies a
virus, the programmer can change a few lines of the virus’s code and it will
again become invisible and go back to work.
With Israel’s infrastructure
more modern than that of Iran, there are more targets to strike here than there,
Gaist points out. “It’s reasonable to assume that Israel has developed attack
capabilities, but we can’t necessarily cover for our defensive abilities with
attacks,” he adds.
At his company’s conference room, Gaist gives a live
demonstration of how quickly one can take control over another computer. His
fingers type out code at a dizzying speed, and within a short time, he shows how
a computer labeled as “attacker” gains control of a second computer, named “the
victim.”
Throughout the hack, a traditional anti-virus program fails to
sound the alert.
In one of the attacks, Gaist even has the virus send a
text message to his cellphone to let him know that full control has been gained
over the target computer.
“The victim is connected to me,” he
says.
“Cell phones are also a hole in defenses, since they can be hacked
and used as a listening device. A worker who enters a place that has a secure
network, but who is carrying an infected cellphone, can spoil everything.”
|