Ex-Shin Bet cyber chief: Our cyber defense does everything you can imagine

Election-related cyberattacks could include, “public transportation, electric and other critical infrastructure” to elections “to bring about chaos and hysteria on election day.”

By YONAH JEREMY BOB
Updated: JANUARY 9, 2019 23:58
People walk past a floor graphic during the Def Con hacker convention in Las Vegas, Nevada, U.S. on July 29, 2017. (photo credit: STEVE MARCUS/REUTERS)
People walk past a floor graphic during the Def Con hacker convention in Las Vegas, Nevada, U.S. on July 29, 2017.
(photo credit: STEVE MARCUS/REUTERS)
Israel’s cyber intelligence community utilizes defenses covering “everything you can imagine and even beyond” to prevent “a clear and present danger” to Israeli elections, former Shin Bet cyber chief Erez Kreiner told The Jerusalem Post.
Kreiner made the statement in an interview on Wednesday following the dramatic revelation Tuesday by current Shin Bet (Israel Security Agency) director Nadav Argaman that an unnamed foreign state was attempting to interfere with the upcoming elections.
Describing the threat, Kreiner – who served in the Shin Bet for around 25 years until 2013 and currently works as an investor and cyber adviser in the private sector – said that various foreign countries “can influence our and other nations’ elections even where the voting is not electronic.
“They can still impact many elements of society” and “use propaganda to impact how people vote... in a direction that they want,” along with hacking political parties’ computer-related operations and information.
While Russia is the most discussed potential perpetrator in the news, and Kreiner acknowledged its “cyber capabilities are very strong,” he said there are four or five other obvious threats, listing off Syria, Iran, Turkey, the Palestinian Authority and Hamas as obvious candidates.
Next, he was pressed that Israel’s cyber capabilities are far more advanced than the countries on that list, making Russia, which has greater cyber capabilities than Israel, a more likely candidate to interfere.
“It doesn’t mean anything to have physical superiority,” he responded. “You could have the best police, and a simple thief can still break your window and steal from you. If you are not properly prepared, they can harm you.”
In addition, he said that “in the cyber arena, it is often the weaker parties against the stronger parties,” as cyber is an arena where the weaker party thinks “maybe it can harm you with cyber,” even if its military force capabilities are limited.
Yet Kreiner “is convinced that the Central Elections Committee knows what to do to defend the elections,” along with support from the Shin Bet, the National Cybersecurity Authority, the IDF, the Mossad and the police.
Confronted with the argument that the committee does not fall under any of the above security apparatuses and that this could leave it more vulnerable, he responded that the committee, the Shin Bet and the cybersecurity authority have “very creative people who know how to think out of the box.”
He implied that there are creative ways for them to cooperate and help increase the committee’s cyber defense capabilities without taking formal responsibility (since an important principle is for the committee to remain formally independent of any other authority).
Continuing, he said that the committee could borrow cyber defense methods “they know about from the commercial sector and methods that only the intelligence community has. There are many defense capabilities I cannot publicly speak about... I do not want to give adversaries hints in the media, but there are tools” for cyber defense that cover everything in the public domain and even go beyond.”
Moving to the question of how to defend political parties’ systems, which also are not under the defense establishment’s formal protection, he again referred to “creative ideas from many places,” in both the commercial and the defense sectors, which would be sufficient.
Discussing Institute for National Security Studies cyber expert Gabi Siboni’s ideas for motivating the private sector to better defend itself from cyber threats, Kreiner concurred with the idea that it often works better to motivate people to defend their networks with incentives as opposed to enforcing penalties.
Kreiner discussed the need for a new cyber law to also set a framework for national cyber defense both in the public and private sectors.
Regarding any future cyber law, he said it is again important to be creative, as often “cyber area problems cannot be solved the same ways other problems can be.”
For example, he asked who is responsible for the cyber defense of a smart car: the manufacturer, such as Hyundai and Toyota, the importer to Israel, or the Transportation Ministry, and what is the best practical approach to answering that question?
Still, since it is clear that there will be no new cyber law in place before the April 9 election date – complex laws like a cyber law can sometimes take years to pass, and the first attempt was blocked at an early stage in the last Knesset – he is confident that Israeli cyber authorities will use existing tools to sufficiently defend the election.
Another expert, CyberArk Labs team leader and former IDF cyber, field and air force intelligence officer Lavi Lazarovitz, noted an entirely different angle of potential cyberattacks.
Lazarovitz said that election-related cyberattacks could include “public transportation, electric and other critical infrastructure” to elections “to bring about chaos and hysteria on Election Day.”
Such attacks would also “substantially obstruct the democratic process.”
For example, “an attack on public transportation in an urban area could alter the relative number of voters... able to arrive at the voting booths,” as opposed to rural areas, where the relative number of voters would go unaffected.
He said that talented cyber hackers who want to influence the elections could cause profoundly greater harm to the elections through such infrastructure attacks “than 1,000 bots” posting on social media.
Kreiner also discussed evolutions in the Shin Bet’s cyber abilities during his long tenure, saying that the agency’s technology unit “was always very strong,” but that it had evolved “from being a facilitator of operations” to “becoming its own area of operations, but with completely different rules not limited by the laws of physics.”
Likewise, when asked about a 2016 speech by former Shin Bet chief Yoram Cohen about increased abilities to identify cyberattackers, he said the agency “has some capabilities which collect information which cannot be brought to court without revealing sources and methods which adversaries are unaware of.”
He paused, saying that “I need to be careful speaking too much about these capabilities,” adding that the Shin Bet had and is “making substantial new leaps forward all the time.”
He concluded saying that in cyber defense “you can never rest... You always need to look dozens of years into the future” – one reason, he said, that experts from all over the world always attend Israel’s annual and upcoming Cybertech conference in Tel Aviv.
Kreiner will be among the January 28-30 conference’s speakers.