Cyberattacks could disable Israeli academic institutions if proper action isn't taken to prepare for such situations, Israel National Cyber Directorate (INCD) chief Yigal Unna warned in a letter to the Committee of the Heads of Universities earlier this week.
"In light of repeated alerts and cyber incidents in the academic sector, the cyber threat posed exposes the institutions to a reasonable scenario of actual harm to the various operating systems –to the point of disabling the institution's activities, and further damage to the information assets and even the reputation of the institutions," wrote Unna.
The INCD chief warned that the extensive connectivity between academic institutions and other bodies and organizations could pose a risk to other bodies as well and may lead to liability.
Unna advised academic institutions to appropriately prepare to support the cyber defense effort in terms of resources, human capital and processes to "ensure resilience and early detection, prevention, containment and recovery."
The official advised that the institutions cooperate with the directorate in a series of measures, including an emergency meeting on the topic, preparation for extreme situations and drills, and the development of an awareness plan for faculty and a plan to uncover cyber security vulnerabilities, among other steps.
The letter comes 11 days after a cyberattack that targeted Ben-Gurion University of the Negev earlier this month, resulting in a breach in a number of its servers.
At the time, the university stated that it was operating regularly, except for "isolated difficulties," adding that "no significant damage to the servers is known of."
A combined team of researchers from the INCD and Ben-Gurion's Technologies, Innovation & Digital Division was formed after the breach was discovered, which worked to prevent information leaks and to contain the incident.
It is still unclear who carried out the attack.
On Monday, cybersecurity consultant Einat Meyron reported that sources close to the incident stated that it is still being handled and that it is a "serious and deep attack."
"Rumors are always a dangerous, problematic and unnecessary thing, but they are possible when there is no transparency – or at least an orderly process of creating an interface between the person dealing with the attack, his clients, the stakeholders and, in this case, even his colleagues," she said.
"It is quite understandable that a business entity would not want to share information that could harm it even more, certainly when there is no law that requires it. But there should be – or at least there is expected to be – collegiality," added Meyron.
Meyron welcomed the INCD's call to create an orderly process of information sharing, stressing that information security managers need to deal with a sectoral threat that could endanger them at any given moment – without having the information and identities for a particular attack to examine what tools are available to them and what budgetary addition is required for them to produce a compliant defense standard.
The attack on the university came after a series of cyberattacks on Israeli businesses and institutions, including Israel Aerospace Industries, the Shirbit insurance company and the Amital software company.
The National Cyber Directorate reported that it handled more than 11,000 inquiries on its 119 hotline in 2020, some 30% more than it handled in 2019. The directorate made about 5,000 requests to entities to handle vulnerabilities exposing them to attacks and was in contact with about 1,400 entities concerning attempted or successful attacks.