A week after the discovery of the worst cyber attack in U.S. history, the full extent of which is still unknown, it appears as though Israel is complacent in the face of the cyber threat.
For days now reports have been circulating that the Pay2Key hacker group has carried out attacks against Israel’s transportation and health ministries, and even on ELTA Systems, a subsidiary of Israel Aerospace Industries. When the IAI was asked about the matter last week, it responded that “the company operates advanced defense mechanisms and constantly scans its computer systems for threats.”
IAI continued business as usual. After claiming on Sunday that the Defense Ministry had forbidden it to discuss the issue, which only three days earlier it had denied ever happened, the IAI changed its tune and stated that the incident was being reviewed.
It would appear that officials in Israel have not yet realized that in 2020, information cannot be concealed. What’s worse, it’s doubtful that officials have realized the dangers: With all due respect to the Start-up Nation, if the computers of the U.S. government and America’s most sensitive agencies were hacked, Israel is just as vulnerable. A strong attacker who invests enough money and effort can penetrate plenty of targets and cause major damage.
Elta is not Shirbit (the insurance company hacked earlier this month). It is much more protected and holds much more sensitive information. It is one of Israel’s most unique and sensitive defense companies and develops capabilities that no one else has, either Israel or abroad. Its radars are the most advanced in the world and are used, among other purposes, for Iron Dome and David’s Sling, as well as other defense systems. They are a key element to the company’s contribution to Israel’s defense superiority, as well as its flourishing defense export sector.
But the problem doesn’t end with Elta’s internal information. The company is linked to its customers—the most notable of which is the Israel Defense Forces—as well as to several other militaries worldwide, and their own sensitive information. In that aspect, it is a key link in the supply chain, making it a favorite target for hacker groups all over the world. As in the case of Amital, which supplied logistics services to dozens of companies in Israel, or the U.S. company Solar Wings, attacking a supplier like Elta could net an attacker a bigger prize than they may have intended.
On the face of things, Israel has been working on cyber defense for years and is supposedly very good at it. Evidence of that is that thus far, only a few serious attacks that managed to penetrate critical Israeli infrastructure or top Israeli companies. But it looks like those happy days are over. Whether it was the successful attack on Shirbit that proved that Israel is less protected than we thought, or whether the attackers’ daring and capabilities have grown, we have recently seen a spike in the number of attacks on Israel and Israeli companies.
Despite the natural tendency to tie everything to Iran, the reality is more complicated. The Iranians might employ a lot of hacker groups, although up to now they have yet to cause a major attack that led to significant damage (as far as we know). But there are also civilian groups with impressive capabilities that operate for money or enjoyment and could do a lot of damage here.
Russia and China—which constantly launch cyber attacks against U.S. targets—could also operate in Israel for the sake of industrial espionage or defense, and it will be much more complicated to handle them. Israel would do well to be realistic about the issue. The ambiguity with which officials address cybersecurity was appropriate for other times, not the cyber era. If we don’t adopt a policy of transparency and leadership, we will find ourselves chasing our attackers.
Yoav Limor is a veteran Israeli journalist and columnist for Israel Hayom.
This article first appeared in Israel Hayom.