In the coming year, cyberattacks will become personal

Ruby Aronashvili, founder and CEO of cybersecurity firm CYE, forecasts what to expect this year.

 THE WORLD of cyberattacks has changed in the last year.  (photo credit: Adi Goldstein/Unsplash)
THE WORLD of cyberattacks has changed in the last year.
(photo credit: Adi Goldstein/Unsplash)

Cyberattacks continue to increase globally amid the pandemic, especially those focused on sexual extortion and the software supply chain, says Ruby Aronashvili, founder and CEO of CYE, a global leader in providing security solutions to organizations.

“The cybersecurity market is not resting for a moment, and we are seeing a global increase in attacks since the COVID pandemic began – a jump of hundreds of percent,” says Aronashvili. 

RUBY ARONASHVILI, CYE founder and CEO: In the coming year, CEOs will be attack and extortion targets. (Credit: Ukan Studio)RUBY ARONASHVILI, CYE founder and CEO: In the coming year, CEOs will be attack and extortion targets. (Credit: Ukan Studio)

CYE is one of the only licensed companies in the world that attack organizations with their consent to expose weaknesses in their security systems and help organizations get a complete picture of their cyber assets and risks procedures. CYE’s platform, Hyver, optimizes the defensive capabilities of the organization based on the level of risk it is willing to take against the required investment, resulting in a full quantification of risk. 

“Cybersecurity is a financial matter,” says Aronashvili, “An organization needs to know how to weigh the cost of risk versus the cost of repair. It’s a complex model, but it’s the only way to make data-based decisions as well as relevant budgets". 

“The world of cyberattacks has changed in the last year. We are seeing a step-up in the capabilities and determination of private attackers and what is called power-level attackers,” he explains. 

Here are some trends that we are seeing in the market today and that we think will intensify in the coming year: “Attackers are taking advantage of the fact that people work remotely and not physically in the office. This means that the attack space is growing, and extra-organizational infrastructure, such as home Wi-Fi networks and personal devices, affect the security of the organization". 

“Attackers are targeting the software supply chain. Effective attackers target a single organization to reach its subscribers and customers. This results in high value in return for a minimal investment, thus maximizing attacks. 

“Another developing trend is personal attacks against senior personnel in management positions. This is a disturbing phenomenon that we will hear more about in the future". 

“There are more attacks today that involve ‘sextortion,’” says Aronashvili. “Think of a senior executive in the organization, in which he or his family members are blackmailed by an anonymous person who sent a message that says, ‘I broke into your phone and filmed intimate videos.’ In many cases, these scams are a bluff used to get the target to provide sensitive information. But in some cases, they are real. Most of the time, a real threat will be accompanied by proof in the form of a video or image that can embarrass the victim.“

"The payment does not have to come from a company CEO or even be financial. Increasingly, attackers ask victims to install a file on their computer. From there, it will find its way to other computers on the network and target sensitive information.” 

There have also been a growing number of attacks against Israel. “There is a type of prestige associated with attacking Israeli institutions,” Aronshvili says.

Chief among these are the ransomware attacks against Atraf, an Israeli dating site for the LGBTQ community, and the suspicion of the leak of details of members of the gay community, and the cyberattack on Hillel Yaffe Medical Center. The hospital attack caused a great deal of disruption, even though it did not target a technological organization or end up causing significant damage to human life. Still, those who tried to gain a reputation through the attack succeeded.

“The State of Israel is perhaps the largest exporter in the field of cybersecurity, but it is not the largest user at all,” he emphasizes. “There is a very high level of awareness in the country, and organizations understand the problem. But they are not willing to invest large amounts of money in cyberdefense – either because they think it will not happen to them, or they believe they are not an interesting enough target for hackers. In truth, there is not enough investment here in cyberdefense, which does not make sense for Israeli society, which is frequently threatened by countries like Iran.

“Today, attackers use pressure points instead of weaknesses. For example, when the hackers penetrated the Atraf site, the intruders realized that they had their hands on private information. Think of the consequences if an attacker could obtain this type of information about a president or senior members of a large organization – it is cyberterrorism for all intents and purposes". 

“It is important to emphasize that this problem does not only characterize Israel,” he adds. “It is a passive perception that exists in many organizations around the world, which are just waiting for something to happen. This is an attitude that must disappear from the world.” 

Aronashvili began his professional path in the academic track of the Atidim program. He graduated with bachelor’s and master’s degrees in computer science and mathematics from Tel Aviv University. In the army, he served in the Matzov (Center of Encryption and Information Security) unit and was part of the establishment of the Red Team, which was responsible for finding weaknesses and improving the defense system of the IDF and the Defense Ministry. Upon his discharge from the Atidim program seven years later, he founded CYE. 

Since its inception in 2012, CYE has provided professional services to leading organizations worldwide. In 2018, the company began developing its platform, Hyver, and added more technology to its array of product-led services. “From the get-go, we worked with large companies in the world,” Aronashvili recalls. “We have advised decision-makers in organizations at the cybersecurity level, whether it is via the CIO, CFO and sometimes also at the CEO or board level. It is precisely from working with such senior officials that we have been able to generate insights into the needs of organizations, their shortcomings in the security field, and the level of visibility that should be achieved. Based on this information, we started to develop a platform called Hyver, which became available to our customers in 2018. 

“Our model is to take the organization, examine its level of risk and where the relevant weaknesses are, and translate that into business and financial risk. We show the organization where it is exposed and provide an optimal repair plan where we prioritize value for financial investment. 

“Of course, we keep working and accompany the organization beyond the initial evaluation process. We constantly make sure that the organization or company does not go backward, because in the cybersecurity world, if you are not advancing, you are going backward. One cannot stay in place. One must constantly identify new threats and be prepared. 

“Our platform becomes an enterprise system that manages all the cybersecurity capabilities in the organization. You can start working with it immediately and, over time, add additional integration,” explains Aronshvili. “The platform manages everything from the people, through the managed projects, the cost potential of cyber events, and more. It becomes the main platform of the CISO and involves the senior management, with everyone getting their own personal report with the relevant information". 

“The platform also provides the organization’s technical staff with information about the weaknesses and how to deal with them. Our staff works around the clock to provide support, and if there is an incident, we help the organization to recover faster". 

“The platform is based on a mathematical and scientific model that accurately measures the weaknesses and the areas that are most cost-effective for a company to fix. We measure the likelihood that a particular vulnerability will cause damage and tell the cybersecurity officer in the organization what the repair cost will be and how much it will reduce the risk". 

“The system divides the threats into three elements: mitigated risk – everything you are going to invest in fixing the weaknesses; accepted risk, when you can live with the risk, and you do not intend to invest to fix the weaknesses; and transfer risk, when there are weaknesses that you do not know or cannot fix but transfer them to a secure model so that they cannot harm you.” 

CYE IS showing impressive growth in its revenues. It successfully raised $120 million at the beginning of the year, led by the Swedish investment fund EQT and the Israeli venture capital fund North83. 

The company is currently expanding and intends to establish a division in the US, where it already has a large customer base. It is looking for additional partnerships and is in the midst of an intensive recruitment process. 

“Half of our revenue comes from the US, and it is not a new market for us. But as part of the expansion, we want to put a local team there. At the same time, we are recruiting dozens of workers in Israel in a variety of different technological and other professions and are looking for quality personnel". 

“Our target customers are large companies and enterprise organizations, but we also have packages for smaller companies that are required to meet high standards in terms of information security. Each organization receives a dedicated solution according to its needs, with the concept being equivalent for everyone – to diagnose and improve its defensive capabilities on an ongoing basis. We work with all industries that use IT capabilities, cloud, IoT, and the like. It is important to emphasize that our service is not on a ‘one suit fits all’ basis but is tailored for each customer individually". 

“I truly believe we have solved something significant in the perception of our organization. The system operator does not need another supplier or another technological tool, but someone who will help him make informed decisions, prioritize them and, of course, communicate correctly to the management,“ says Aronashvili, “and the proof of this is our customer loyalty and our growth.”

CYE has begun an extensive recruitment campaign and intends to double its workforce in the coming year. The recruitment process emphasizes the ability to develop the job as a business growth engine. Once employees are chosen at the end of a rigorous selection process, they undergo an intensive training process to adapt to existing work methodologies and bridge professional gaps. These abilities give them opportunities in the future for professional development and other positions, in accordance with their skill sets. 

“CYE employees do not necessarily come only from intelligence units,” Aronashvili says. “At CYE, what unites the team is phenomenal professional abilities, along with a real passion and love for the profession.” 

Translated by Alan Rosenbaum. This article was written in cooperation with CYE.