Cyber chief: Major hacks can cause more damage than nukes

On the one hand, cyber weapons are like the spear since they are “relatively easy to develop, it is just a code, like letters, like numbers.”

Cyber Hackers (photo credit: REUTERS)
Cyber Hackers
(photo credit: REUTERS)
Major hacks can cause even more damage than nuclear weapons, National Cyber Directorate director-general Yigal Unna said Monday.
“Cyber weapons are something in between” the ancient spear as a weapon and nuclear weapons, he said at Tel Aviv University’s 10th annual Cyber Week via videoconference due to the coronavirus crisis.
On the one hand, cyber weapons are like the spear since they are “relatively easy to develop,” he said. “It is just a code, like letters, like numbers.” On the other hand, “the damage they can cause is as great as nuclear weapons, even more.”
Unna gave the example of attempted hacks of nuclear-power plants, which could lead to catastrophes such as nuclear meltdowns.
In his talk, dubbed “How Israel will eradicate the pandemic of threats to cybersecurity,” he said a first step was quantifying the size of the problem.
The coronavirus pandemic caused many people to work remotely from home, he said, which is a “major problem from a cyber perspective because the attack surface grows dramatically… there is more opportunity for the bad guys to penetrate… into the [digital] fortresses that we managed to build in normal times.”
Unna gave the example of a potential cyber ransomware attack causing tens of billions of dollars of damage to a country’s economy.
It is important that the National Cyber Directorate helps prevent the cyber epidemic spreading from a small number of companies’ networks, which is sometimes unavoidable, to a much larger volume of a country’s networks, he said.
Referring to “data as the basis of all the solutions” for preventing a cyberattack from spreading within a country, Unna said the good news was that “the vaccine in cyber is much cheaper than the cure for COVID-19.”
Israel’s recent cyber agreement with the United Arab Emirates and an upcoming cyber agreement with Bahrain are examples of countries partnering together to improve collective cybersecurity, he said.
Unna said many Iranian newspapers and journals have honed in on him and UAE cyber officials as targets for criticism as part of Tehran’s efforts to try to hold off any legitimacy that Israel gains from new deals with its Sunni Arab neighbors.
Former US State Department cyber official Christopher Painter spoke about cyber diplomacy tactics for reducing conflict and spying between nations.
While recognizing that the US and China are at loggerheads, he said a deal reached with Beijing during his time in government had reduced cyber conflict at least for some period of time.
For those nation-states resistant to diplomacy, countries must be ready to act collectively to both name and shame them for hacking as well as imposing concrete costs for their behavior, Painter said.
Even the costs imposed on rogue-acting cyber countries should avoid being escalatory so as not to lead to an even bigger problem, he said.
Famed technologist Bruce Schneier listed a variety of areas for the conference, including “patching” networks’ hackable holes and “supply chain” holes (where ostensibly locally made devices were really assembled in a variety of foreign countries) in which technological advancement is outpacing the capacity to maintain cyber defense.
The US and the West should rethink the role of social-media giants such as Facebook in a democracy and support new levels of government regulation to protect public safety, he said.
The malware analysis expert known by the pseudonym "TurtleSnap" said the next wave of viruses will be true artificial-intelligence viruses, which self-reproduce and decide their own goals and paths of infecting devices.
The key to defeating such AI viruses was preemptive cyberattacks on them as opposed to waiting for them to attack and responding defensively with antivirus software, she said.