Founder of the upcoming CyberWeek weighs in on Russia and Iran’s cyber warfare attempts

Isaac Ben-Israel, the man who kickstarted the Israel’s cyber revolution, gives insight into cybersecurity’s many facets.

 A Russian flag is seen on the laptop screen in front of a computer screen on which cyber code is displayed, in this illustration picture taken March 2, 2018. (photo credit: REUTERS/KACPER PEMPEL/ILLUSTRATION/FILE PHOTO)
A Russian flag is seen on the laptop screen in front of a computer screen on which cyber code is displayed, in this illustration picture taken March 2, 2018.
(photo credit: REUTERS/KACPER PEMPEL/ILLUSTRATION/FILE PHOTO)

The annual international cybersecurity CyberWeek event is kicking off on Monday in Tel Aviv. Cybersecurity experts, industry leaders, start-ups, investors, academics, diplomats and government officials will gather for a thought-provoking exchange of knowledge, methods and ideas related to the cybersecurity industry and the fields surrounding it. More than 40 round tables, panels, workshops, forums, BSides and competitions will take place at the weeklong event.

Prof. Isaac Ben-Israel, director of the Blavatnik Interdisciplinary Cyber Research Center at Tel Aviv University, is a co-founder of the annual event. A major-general in the IDF, he served in several top defense technology units until his retirement in 2002. In 2011, he submitted the National Cyber Initiative to the government, a plan that laid the foundation for Israel’s cyber revolution during the past decade.

How would you define the fundamental idea of CyberWeek? Is there really enough to go over to take up a whole week?

From the beginning, the main idea was – and still is – to regard cyber activity as a kind of interdisciplinary discipline. It’s not only about technology. Although most of the problems in the 21st century we tend to solve with technology, many times those problems are not purely technological. Solving these problems, many times, may depend on variables, like the psychology of the user, or sometimes the psychology of the masses, when looking at things like social media.

One often has to take into account legal problems, [or] the conflict between different sets of values, like security on the one hand and privacy on the other hand. We could also make cybersecurity much more efficient if we disregard the privacy or human rights of our own citizens – which is, in a way, a philosophical question. These factors have nothing to do with technology.

 Maj. Gen. (Ret.) Prof. Isaac Ben Israel  (credit: YUVAL NE'EMAN WORKSHOP FOR SCIENCE TECHNOLOGY AND SECURITY) Maj. Gen. (Ret.) Prof. Isaac Ben Israel (credit: YUVAL NE'EMAN WORKSHOP FOR SCIENCE TECHNOLOGY AND SECURITY)

We started with a one-day conference and then we said, ‘Okay, but we have to discuss the legal issues, we have to discuss ransomware, we have to discuss human psychology, business issues.’ We had to keep extending it.”

Prof. Isaac Ben-Israel, Director, Blavatnik Interdisciplinary Cyber Research Center, Tel Aviv University

Next week, you will find people from many disciplines: computer scientists, engineers, etc, but there are also people that are involved in policy and legal issues, psychology, you name it: all the issues that I mentioned. That is the nature of CyberWeek, from day one until today. That’s why we need a week. We started with a one-day conference and then we said, ‘Okay, but we have to discuss the legal issues, we have to discuss ransomware, we have to discuss human psychology, business issues.’ We had to keep extending it.

Do you see CyberWeek as the big Israeli cybersecurity conference or as the big cybersecurity conference that happens to be in Israel?

Do you see CyberWeek as the big Israeli cybersecurity conference or as the big cybersecurity conference that happens to be in Israel?

There is not much difference between the two, because while we didn’t invent the technology in Israel, we were among a very small group of countries which used it for intelligence and defense.

What we were the first to do, in a way, was to come out of the closet with our cybersecurity knowledge. In 2011, we decided not to keep it a secret anymore. We made it a legitimate subject for normal civilian activity. We started to develop academic centers.

It’s hard to believe but when we started in 2011, there was not even one university on the globe in which you could go and study cybersecurity. Why? Because if you publish a paper about it in a university, the enemy will also read it. So the attitude was to keep it secret.

Today, we are the only country in the world where we teach cybersecurity in high schools. But that gives us an advantage. When people all around the world would like to go and see what is in the fault line or cybersecurity, they will usually find it in Israel.

Moving away from CyberWeek, I wanted to pick your brain on the cyberwarfare that was reported at the onset of the Russia-Ukraine conflict. Why haven’t we heard about more cyberattacks between the two countries as the war has waged on?

Usually, when you build a certain offensive capability – tanks, aircraft, submarines – you can assume that 20 years from now the situation will be different, and everything you prepared 20 years before may not fit the new battle arena. So part of military organization is to track the changes on the other side, and if you come to the conclusion that the weapons that you already have do not fit the situation anymore, you modify your weapons or develop a new generation of weapons. It’s an endless game: you prepare certain capabilities, you follow the changes on the other side, you modify your capabilities.

The same also holds for cyber weapons. The only difference is that the timescale is very short. You cannot expect tools that you developed six years ago to operate today, because the probability that the victims will [still] have the same architecture is almost zero. In the cyber field, six years is like five generations.

If you want your capability to be adaptive, you have to invest a huge effort in maintaining this capability. Russia didn’t do that, and that’s why when the war started, you saw certain cyber actions, but that was the end of it.

Does the same idea apply to the back-and-forth of cyberattacks between Israel and Iran?

It’s not the same because, outside of a wartime scenario, both sides have a lot of time to develop their attacks. Our exchange of attacks aren’t really things that are improvised on the spot. If you need another month, you can take another month to develop. It’s different.

Still, it demonstrates other things. Until now, all the Iranian attempts to cause damage to Israel via cyber technology have been very marginal. This may change at any time, but until now, they’ve tried but failed. That shows us that the tools we built for protecting ourselves are effective, but that doesn’t mean that we can sleep on the job – because they’re definitely trying.