Former Shin Bet head ‘bursts myth’ on cyber hackers who attack Israel

Yoram Cohen’s statements indicated that the Shin Bet’s abilities to decipher who cyber attacks Israel are more advanced than has been previously known.

Operators in the Israel Navy cyber control room (photo credit: IDF SPOKESPERSON'S UNIT)
Operators in the Israel Navy cyber control room
In his first big speech since stepping down as head of the Shin Bet (Israel Security Agency) last month, Yoram Cohen on Tuesday said he wanted to “burst the myth of retribution,” explaining that Israel always eventually learns who to hold responsible for trying to cyber-hack it.
Conventionally, most government and private sector officials say that one of the puzzles of cyber warfare is identifying who initiated a cyber attack.
Cohen’s statements, made at Tel Aviv University’s International Cybersecurity Conference, indicated that the Shin Bet’s abilities to decipher who cyber-attacks Israel are more advanced than has been previously known.
He also gave the agency credit for blocking all major cyber attacks the country has faced during his tenure (May 2011 to May 2016).
The former Shin Bet director explained that a major challenge in the field is that one small oversight could help Israeli adversaries inflict substantial harm.
At the same time, he said that Israeli intelligence had been empowered, realizing that the same was true for cyber-attacking adversaries – meaning Israel has many opportunities to inflict substantial cyber attacks from their mistakes.
Cohen pointed to three main cyber threats: computer network attacks, computer exploitation attacks and social media influence attacks.
Splitting them up, he said that while the first two are well-understood, the public is less familiar with the last one.
He explained that terrorist and jihad groups have started to launch sophisticated social media campaigns to try to mislead and frame the way that a target-country’s general public views developing events – since so much of an average person’s understanding of current affairs now depends on social media.
Latching on to a similar idea, Maj.- Gen. Herzi (Herzl) Halevi, IDF chief of military intelligence, who also spoke at the conference, described the dilemma concerning confronting these campaigns on social media.
He said that one of the questions asked is whether Israel should “plant” ideas of its own on social media to influence its adversaries in the country’s favor.
Mainly, Halevi described the purpose of the IDF’s cyber capabilities as targeted on “weakening enemy forces… and deterring them from war.”
While the IDF has sometimes been quieter about attack-orientated activity in this field, Halevi explored some cyber attack issues.
He said cyber attacks only work if you are highly familiar with your enemies’ defensive capabilities and if you are ready to think outside the box.
The IDF intelligence chief also said that offensive cyber capabilities were more powerful against more advanced enemies with more computerized networks.
Though he did not give specific examples, there may be differences here between Hezbollah and Hamas.
In June 2015, The Jerusalem Post reported a statement made by former IDF Brig.-Gen. Pinchas Barel Buchris, that Israel has the ability to hack advanced computerized Hezbollah rockets.
Similar reports arose in April about US and Chinese cyber capabilities concerning hacking adversaries computer systems, including computerized rockets.
But this cyber capability may be less useful with Hamas whose primary arsenal is home-made and non-computerized rockets and mortars.
Halevi said that identifying and defining cyber enemies is extremely difficult since adversaries sometimes outsource their hacking of Israel to “cyber militias” who may not be openly affiliated with the adversary.
Another challenge he mentioned was the massive budget required to keep up with the fast-expanding cyber infrastructure needs, and with the constant and rapidly changing threats.
Moving on to a different arena, he gave a progress report of the IDF’s ongoing almost year-old move toward creating a single unified cyber authority.
He said it would probably be established by the end of 2016, but that there were still open questions about where it would be located and how best to combine cyber and intelligence capabilities.
Newly appointed National Cyber Security Authority head Buky Carmeli and Foreign Ministry’s cyber chief Iddo Moed also spoke at the conference.
Carmeli explained his new authority’s vast array of coordinating responsibilities of all state cyber efforts in both the civilian and defense sectors.
Moed emphasized the importance of international cooperation in addressing the latest threats.