The dark side of Israeli cybersecurity firms

Exists of Israeli cybersecurity firms have become somewhat of a norm in recent years. Last February alone, the Israeli-founded cybersecurity firm ForeScout was acquired for a staggering NIS 1.9 B.

Hackers and cybersecurity (photo credit: REUTERS)
Hackers and cybersecurity
(photo credit: REUTERS)
Are Israeli companies involved with developing "dark" technology? A recent report by Walla! examined the likelihood of such technology falling into the wrong hands.
Exists of Israeli cybersecurity firms have become somewhat of a norm in recent years. Last February alone, the Israeli-founded cybersecurity firm ForeScout was acquired for a staggering NIS 1.9 billion. Shortly after, the Israeli company CyberX was acquired by Microsoft for NIS 150 million.
This trend has made Israel was of the most dominant exporters of cybersecurity technology in the world, surely when comparing the number of exists of start-ups in relation to the population. However, Israel has also positioned itself on the "dark side" of cyber capabilities, as several big companies in Israel today are developing digital tools with the potential of becoming powerful weapons in the wrong hands without proper supervision. Some of these capabilities have been making headlines, while others remain completely unknown.
The common denominator of these companies is their definition as cybersecurity firms.
"The law doesn't allow companies or individuals to get involved with offensive cyber," according to Dr. Harel Menashri, head of the cyber department at the Holon Institute of Technology, who was a co-founder of the Shin Bet Cyber Warfare Unit.
"The Israeli cyber industry has made itself a good name regarding advanced capabilities ... One of the greatest advantages of the Israeli culture is the ability to develop and move around things very quickly. Even if I didn't serve in the same unit with someone who I'm interested in, I'll probably know someone who did," Menashri added. "Israelis gain their technological knowledge during their military service through units like 8200 and the cyber units of Shin Bet and the Mossad. That knowledge is a weapon, and today, quite a few IDF veterans from intelligence units move abroad and share their knowledge with foreign parties."
Menshari gave the example of a group of young Israelis who had graduated the IDF's elite Unit 8200 and a few months ago decided to go and work for the UAE-based intelligence firm Dark Matter after being tempted by large sums of money. Menshari warned of such capabilities falling into the wrong hands that may choose to direct those capabilities against the State of Israel in the future.
"The government has to intervene, and I hope something will be done to change this problematic situation in the next few months," Menshari said. 
But the danger doesn't usually lie with individuals, but rather with companies.
In 2016, the Petah Tikva-based firms Cellebrite made headlines when it was called to arms by the FBI, that had been unsuccessful in breaking in the phone of a San Bernardino terrorist who killed 14 people in 2015. The FBI contacted Cellebrite after Apple had refused to assist in opening the smartphone that was protected by a password.
A different example is NSO, that several months ago found itself in the middle of a scandal involving Facebook. The company develops the spyware "Pegasus," which Facebook claimed was used to hack into smartphones. Some critics have claimed that NSO actively searches for weaknesses in security systems for the sole purpose of taking advantage of them and remotely taking over the entire system.
Earlier this year, the UN has made allegations that connected NSO to the hacking the smartphone of billionaire Jeff Bezos, CEO of Amazon.
NSO denied all allegations, claiming that "the company [was] shocked by the publications of Bezos' alleged hack," adding that "if it's true, it deserves an investigation."  
After its name came up as a possible involved party in other controversial incidents, such as in the case of Saudi journalist Jamal Khashoggi's murder, NSO released the following statement.
"NSO's activities are all carried out in accordance with security export laws and under the supervision of all relevant parties within the Israeli defense establishment. Every deal is subjected to the state's approval. Furthermore, the company operates an external ethics committee that examines every deal before it's carried out, even if the state has already approved it. We won't tolerate an abuse of our products and will investigate every case suspected of such wrongful abuse."
Israeli cybersecurity are renouned for their global export and innovation, their technology holds the potential of not being used for their intended purposes. Perhaps regulatory actions by the state are required in order to make sure that Israel's technology does not end up being used against it.