The global cyber defence strategy took shape in this part of the world when Israel became the first country “to come out of the closet” making cyber technology a legitimate civilian way of life. Once again, it is the Israelis leading the way into a robust space of cyber defence and offence, naming and shaming threat actors and putting together the best brains to beat new-age threats from targeted misuse of Artificial Intelligence.
The era of nameless, faceless cyber attacks is over. The Israel National Cyber Directorate announced before a packed audience of representatives from across continents attending the Cyber Week in Tel Aviv on June 27, “Anyone who carries out cyberattacks against Israeli citizens must take into account the price he will pay.’’
For more than a decade, countries have been debating the so-called 'name and shame’ tactic or 'attributing’ cyber attacks as a deterrent to unwanted cyber behaviour but none have come out as strongly in their fight back as Israel.
Gaby Portnoy, Director General of Israel National Cyber Directorate, said, “In the past year, we have been working hard to develop our resilience and expand our capabilities to detect cyberattacks, raising our shields and expose malicious activities, specifically Iranian.”
According to Portnoy, the vast majority of attacks are thwarted. He mentioned the attack in February that forced the Israel Institute of Technology, also known as Technion, to postpone exams and temporarily shut down its IT systems and attributed it to MuddyWater in collaboration with Darkbit-- two attack groups associated with the Iranian Ministry of Intelligence. He said, “They are also attacking civilian targets in countries like Turkey, Saudi Arabia, Egypt, Morocco, India, Oman, Bahrain, Kuwait and more.”
Portnoy said the Israeli defence community knows the Iranian cyber activities inside out and is working to disrupt them in different ways. From naming the Iranian intelligence and Hezbollah, to commending the United States for imposing sanctions on Iranian officials, the message was clear. Israel was preparing its 'cyber dome’ project by inviting friendly nations to participate.
“I would like to commend the US activities against Iran’s violent agenda and for imposing sanctions against two active cyber players in the Ministry of Intelligence and Security: Mojtaba Mostafavi and Farzin Karimi, who co-founded the Ravin Academy that trains hackers for malicious activities of the ministry.” The threats from elements in Beirut linked to Hezbollah, according to Portnoy, were damaging civilian lives across the world and to stop it, the international community needed to work together. “This is our joint responsibility.”
It is indeed a shift in global cyber strategy for many countries, including India, where cyber attacks are reluctantly spoken of publicly and governments are shy to admit offensive capabilities.
Portnoy is helming efforts in his country helping high school kids, small and medium enterprises and critical infrastructures like transport, hospitals, and banks to not just learn how to defend, but also assist the half a dozen security and intelligence agencies in effectively battling and exposing malicious activities and threat actors.
The United States, among others, clearly understands the fast-evolving dangers in cyberspace. Nathaniel C Fick, the ambassador at large for cyberspace and digital policy in the US Department of State spoke of joint efforts with Israel to implement an affirmative vision for a secure cyberspace and building a defensible, resilient and rights-respecting digital ecosystem.
The former combat marine said “With power comes responsibility” especially for countries with advanced capabilities .“We must award responsible behaviour and impose costs on irresponsible behaviour.” Fick stressed on a shared technology ecosystem where trust is paramount and reminded all United Nations members of their commitment to building a framework for responsible state behaviour.
“It’s universal. Technology innovation benefits with greater participation,” he said. Israel has endorsed the Declaration for the Future of the Internet with the US and sixty-five partners around the globe, launched last year to reaffirm and recommit to a single global Internet that is truly open and fosters competition, privacy and respect for human rights. Fick said it also articulates what a shared tech policy can and should be. He said border coalitions of countries have condemned Iran for its cyber attack on Albania’s critical digital infrastructure and Russia’s assault on Ukraine and provide assistance to mitigate future attacks. The thorny aspect of commercial spyware was also touched upon by Fick, who said the growing private market in these technologies, where it can be used as a tool of repression and human rights abuse needs to be countered by deeper international cooperation. He said a recent executive order in the US prohibits the operational use of commercial spyware that poses a risk to national security or has been used by foreign actors and urged countries to adopt similar measures.
Lastly, he said public attribution of malicious cyber activity, which is empirical and factual, is the key to building a rules-based order. From being technical to a rather political challenge, he said there is a need for more countries to join the US in lending voices to public attribution on a case-to-case basis.