Analysis: Israel, US both face cyber threats, but capabilities differ

The sanctions real target is not the cyber attackers, but those gathering intelligence, shutting down servers and stealing funds or trade secrets.

Cyber hackers [illustrative] (photo credit: REUTERS)
Cyber hackers [illustrative]
(photo credit: REUTERS)
At the beginning of April, the US announced an executive order to fight cyber attacks with innovative far-reaching sanctions. Israel, however, is unlikely to follow suit and, if it did, they likely would not work in the same way as those of the US.
On the other hand, The Jerusalem Post’s Yaakov Lappin last week reported a possible move by the IDF to unify its offensive and defensive cyber units. If Israel implements such a unification, it would be following the lead of the US, which already has a unified cyber command that is its own separate arm within the US military.
Other developments in both the US and Israel have signaled a general shift from attempting to eliminate “Cyber Armageddon” scenarios to trying to manage cyber attacks.
In the US, the developments include a speech by US national intelligence director James Clapper in February to that effect and a March reorganization of the CIA to create a cyber directorate due to the feeling that despite its powerful and intimidating capabilities, it’s defensive cyber abilities were lacking.
The assumption behind the shift is that elimination is not realistic and that steady and numerous smaller attacks are more pressing than a single, massive attack.
In Israel, the shift was signaled by speeches from Prime Minister Benjamin Netanyahu and his cyber bureau chief Dr. Eviatar Metania focusing on a new national cyber shield and indications of transfer of authority on cyber issues from the Shin Bin (Israel Security Agency) to Metania’s bureau – also to improve lacking defensive capabilities.
Why does the new move give the US an edge Israel cannot match? First, we must understand the cleverness of the order, though there is no such thing as a cure-all defense in cyber.
The sanctions’ real target is not the cyber attackers, but rather those who paying them or will later benefit by gathering intelligence, shutting down servers or stealing funds or trade secrets.
The language used for applying the sanctions starts at a high threshold but eventually could cover hacking nearly any computer network as long as the goals are hurting the US or US institutions on a broader scale as opposed to mere identity theft of an individual.
The idea is that Russia, China, Iran and North Korea and hackers working for them – some of the worst alleged cyber attack perpetrators – are somewhat immune to US criminal justice and fines, but some of their larger institutions and many of the countries they work with that could be designated as having benefited from theft of funds or trade secrets are not insulated.
In fact, as the US pointed out in a press call, many global players voluntarily alter their business behavior and who they do business with to avoid even the possibility of US sanctions anytime new ones are announced. This was the pattern seen with certain far-reaching sanctions of those doing business with Iran.
US officials on the call also noted that, “The prevalence of the US dollar in the international financial system means that many transactions come through the United States that, frankly, people did not intend. If you engage in a transaction in third countries… the contract may be specified in US dollars and may send transactions from their banks in countries that are far away from US borders and they come through the US financial system to be dollarized.”
The officials added that, “The effect of the sanctions is a prohibition on dealings with US persons.
That means US technology; that means US goods… many of these actors may try to rely on the sophistication of the US technology sector and this will also hinder them in that area, as well.”
A clear message develops.
The sanctions order could put so much pressure on third parties that with so much global business emanating or at some point connecting with the US, it could suffocate significant pockets of business and safe havens for those hacking the US.
Israel may face as much of a relative cyber threat as the US, but simply does not have this in its arsenal.
The country has a large global footprint for its size, but a sanctions push would be irrelevant without being the sheriff of the world’s interdependent town – not to mention that Israel is still boycotted by large portions of the world.
Though adverse to some global initiatives, Israel’s best hope may be to try to join and support multilateral efforts via prosecution and sanctions to reduce cyber attacks globally in a way that will at least indirectly reduce attacks on it, as well.
In the meantime, the IDF, unified command or not, the cyber bureau and the Shin Bet have their work cut out for them.