Is Israel downplaying the number of successful cyberattacks against it?

In Israel, hacked victim government agencies or corporations will present everything “as a one-off cyber terror act. Once you get hacked, it’s your reputation at stake.”

Cyber hacking (illustrative) (photo credit: INGIMAGE)
Israeli government entities are hacked and invaded with ransomware just like in the US, but “defense agencies in Israel conceal this from the citizenry,” cybersecurity firm Monstercloud CEO Zohar Pinhasi has told The Jerusalem Post in an interview.
Pinhasi, who worked in the IDF in information security, does not back up this controversial statement with a concrete case, perhaps leaving his claim open to question.
But he does back it up with broad data, a record of saving even US law enforcement from ransomware attacks, and with the reputation of a partner, John Pistole, who used to be deputy chief of the FBI.
In addition, Pinhasi says, “We assist the FBI in cyber intelligence. They reach out to us. We write reports to the FBI very often… which the FBI relies on… if they need a report in a specific case.”
In one case, “we had very specific [cyber] intelligence which they needed – we handed over the intelligence… The attack came through an information technology vendor in Alabama who reached out to us. We are the only company” regarding which “law enforcement agencies confirm” that we assisted them.
As Pinhasi argues, “There is no system which is 100% sealed. If there is a computer, it can be hacked. I can hack an air-gapped machine with its wifi disabled. I can still gain access to the machine and inject a virus. That, by itself, can tell you a lot.”
“If criminals could gain access to the National Security Agency, and Twitter, what is the police department” to them as a hacking challenge? And can Israel really have escaped unharmed by hacking?
While complimenting Israel’s defenses against cyber terrorism and other attacks as very strong, he says, “I don’t have proof, but based on thousands of ransomware cases and other types of attacks, and that we’ve assisted [hacked] law enforcement agencies and entire cities,” he is convinced that Israel has not owned up to all of its cyber breaches.
He comments, “The chance that something like that didn’t happen is zero. It just doesn’t make any sense. Attacks on government facilities typically draw a lot of attention.”
In Israel, hacked victim government agencies or corporations will present everything “as a one-off cyber terror act. Once you get hacked, it’s your reputation at stake. It’s not just money,” he continues.
Pistole did not directly weigh in on the issue, but did tell the Post that the FBI is highly focused on cyber threats, “ranging from nation states attacking other countries such as the US, Israel and its allies for national security intelligence, to organized crime groups utilizing cyber attacks to achieve their fraud schemes.”
Also, he notes, “Under my leadership, the FBI created the National Cyber Investigative Joint Task Force to address these myriad threats.”
Further, explaining why he chose to join Monstercloud after retiring from the FBI, he says, “Once I met Zohar and learned about their work, I was impressed that some of their work was done pro bono for law enforcement agencies, which had been subjected to a ransomware attack, and they had a number of satisfied clients.”
ADDRESSING WHICH country among Russia, China and Iran is the biggest hacking threat to the US and other countries, the former deputy FBI chief states, “I think all three countries currently and will continue to pose a clear and present danger to the rest of the world, but especially freedom loving democracies with hi-tech and cutting edge companies, innovators and entrepreneurs.
“China, Russia and Iran have demonstrated their interest in and ability to steal classified data, intellectual property and trade secrets from governments and companies, thereby causing literally billions of dollars of losses,” says Pistole.
Digging into his vast experience with the FBI, Pistole advises readers that, “Virtually all the cyber investigations I oversaw while in leadership at the FBI dealt with the old adage, trust but verify. As Zohar and his Monstercloud colleagues can tell readers, the majority of successful ransomware, denial of service, malware and related cyber attacks are the result of human error.”
He adds that this is, “often accentuated by lax firewalls or internal controls or procedures. ‘Don’t click that link’ continues to be some of the best advice I can offer.”
Likewise, Pinhasi says that it is almost less important where a ransomware or other cyber attack comes from when it comes to nation-states or criminal groups.
He says that whether it is Russia, Poland, the Philippines, Iran or North Korea – at the end of the day, bad cyber actors can put 1000 ‘hats’ (viruses) into your system regarding “which you can’t really know where they are located.”
Another reason Pinhasi suspects that Israeli defense officials underplay the number of times that Israeli adversaries have successfully breached their digital infrastructure is that almost all law enforcement agencies do this.
He estimates that the general public only “hears about 0.5% of all attacks taking place.” He says that from his work with the FBI, he knows that they also publicly substantially downplay the volume of successful digital breaches.
Pinhasi related a story where he had to convince police officials to report their being breached to the FBI since the police were worried that the FBI “will show up on our doorstep” and make their lives complicated.
Monstercloud has assisted a large municipality in Colorado as well as 25 police stations which were hacked in Texas.
Why is Pinhasi trumpeting Israeli vulnerability?
“The first flaw in security is to think that I am the best. If you get cocky and think you know everything, you are going to get hacked,” he responds.
In other words, Pinhasi views his statement as a wake-up call to overconfident defense officials.
Obviously, this is also an opportunity for him to trumpet Monstercloud for “cracking cases that no one could do” due to its unique cyber intelligence gathering capabilities.
He adds that while Monstercloud cannot go back in time to prevent a cyber attack when it is only brought into the picture after the fact, its clients have “never had a second infection” once it steps in.