×

'Everything on the internet is monitored': Israel's cyber security head

Erez Tidhar is executive director and head, Israel National Cyber Directorate

Erez Tidhar

Q/ Does Israel monitor its cyber space?

A/ As part of a common cyber security practice in the world, the Israel National Cyber Directorate (INCD) is scanning the entire Israeli cyber space 24x7 for anything in the outer perimeter of the entities using the cyber space, which means everything that is launched to the internet is being monitored, similar to the neighbourhood security watch looking for open windows and alerting neighbours to be careful of burglars. By doing so, we find a lot of vulnerabilities in systems, which helps us call those entities, [for instance] small and medium enterprises, and tell them they are exposed to an attack through this vector of entrance and ask them to patch it up or close it. We expect them to follow our advice and we have a huge success in it.

Q/ The Iron Dome has become synonymous with Israel’s defence capabilities. What is the vision for the Cyber Dome?

A/ The Cyber Dome is the future for cyber defence. Just like we have the Iron Dome, the Cyber Dome is a multilayered process or programme because cyber is a multilayered attack vector. We need to cover the basics [and] right up to the highest level [like] critical infrastructure. This is being done [with] the Cyber Dome—a humongous project with a lot of partners and enterprises. I will say we are half way there, but the good news is that we are half way there. I believe it will bring a change in the Israeli cyber sphere.

Q/ CERT (the Israeli Cyber Emergency Response Team) is mainly defensive while other agencies have offensive capabilities. How do you ensure privacy of citizens between the two?

A/ The INCD deals with defence only. But regarding privacy, I will say something hard to digest. There is no more privacy in the world because our information is out there and, therefore, I tell people, be responsible with what you post and your own phone. Because privacy is something hard to keep and people voluntarily put a lot of private information on the net without realising it. Privacy has to be a personal responsibility and everyone should be responsible for their own private information. Whatever you have to give away, do it in a secure way.

Q/ What is the cyber security architecture in place in Israel?

A/ In Israel, there is a law for critical infrastructure alone which measures if they are compatible to the set of rules that we have established for them. There is a special methodology in place and these critical infrastructures are obliged to match up to the standards that we decide. The essential services, which is one level below, are under the regulators’ authority, which are the government offices and ministries, who decide the level of protection needed.

The INCD is in the process of trying to pass a bill that will enable the regulators to set standards to ensure better protection of their entities. The INCD will supervise and assist them. So, the Israeli law divides what is under the direct supervision of the INCD and what is under the government offices and we are continuously working to raise the robustness and resilience of every essential entity.

Q/ The INCD comes under the prime minister. How does it insulate itself from, say, political pressures or interests?

A/ The INCD is a professional organisation that deals only with cyber defence and is not a political organisation. This means that our prime minister is in charge of this entity, but does not give us our working programme. In my seven-and-a-half years here, we have never encountered political requests or something opposed to our professional opinion.

Israel is a strong democracy and it will stay that way and this includes the work done by our agencies. For instance, during elections where the prime minister is one of the candidates the responsibility of INCD goes to a nominated judge.

Q/ How do you stop countries like China from appropriating Israeli technology? Has that been a concern?

A/ Firstly, Israeli technology and developments within are guarded safely. There is an entity that is responsible for all the expertise and knowledge in Israel and protecting every validated technology or information that leaves Israel. If a country is dealing with cyber espionage in order to steal information, I believe it is a worldwide disease and we are doing the best we can to protect against that now. It does not matter what the purpose of the attack is; it can be for distraction or espionage. We are defending against any threat, 360 degrees, and that includes espionage or stealing our systems.

Q/ What is the strength of Israel's cyber army of Israel, if I may call it that?

A/ The INCD is a relatively small agency consisting of 350 people, but there are a lot of other agencies, including those dedicated to cyber warfare, offensive and defensive. Then there are units in the army and other agencies. In almost all security agencies in Israel there is a cyber division or the organisation has dedicated technology for it. So, while we can’t put a finger on the numbers, there is a lot of manpower today dealing with the cyber dimension of warfare which, as I said, is a new dimension we have to take care of now.

Q/ How is the collaboration of CERT with CERT-India?

A/ The INCD has relations with more than 90 countries and India is one of them. We have a good cooperation with the Indian CERT and we regularly share information, indicators of compromise and, many times, when there is an attack on Israel, we pass on the information with all our partners, including India, so that they can be prepared for the same incident. The cooperation in information sharing is on a daily basis.

We invite every country to share any problem they encounter with Israeli CERT and we will try to provide the assistance of our incident response teams and analysts.

Cyber is a global war and it does not affect only one country. Today, if the attackers are at my borders, tomorrow they will be thousands of kilometres away, attacking another country. We are ready to assist anyone, because tomorrow we will need that assistance as well.