by Eliyahu Berkowitz
Cyber warfare is a very real reality. Any military force that uses weapons more advanced than swords and spears relies on computers for most of its most basic functions. Israel is vastly outnumbered so much of its security is based on maintaining a technological edge over its enemies. Tel Aviv University (TAU) Institute of National Security Studies (INSS) director and former Israel Defense Forces (IDF) Chief of Military Intelligence Maj. Gen. (Res.) Amos Yadlin spoke at a conference in Washington, DC, and explained that it is no longer sufficient to build up cyber-defenses. Just as in conventional warfare on a physical battlefield, it is essential to be on the offensive in cyber warfare.
“Building a cyber-wall-of-defense around strategic national assets is not enough,” said Yadlin. “A country’s cyber-defense toolbox must include advanced attack capabilities. This combination is essential for effective cyber-defense.”
Though America and Israel have a long history of cooperation in the military and in intelligence, there has yet to be such an initiative in the area of cyber warfare. The conference was a step towards remedying that.
INSS director of Military and Strategic Affairs and Cyber Security Gabi Siboni also participated in the conference. Siboni said, “Not enough has been done to advance cyber-cooperation between Israel and the US, given the severity of the threats facing both countries. There is a need for a joint mechanism to integrate the technological and intelligence capabilities of Israel and the US.”
Yadlin referred to Stuxnet, a classic case of cyber warfare that that shut down the centrifuges at Iranian nuclear facilities. Unconfirmed reports claim that a joint effort by Israel the US was responsible, which was precisely the point of the conference; to advance cooperation between the two countries in cyber war.
The Stuxnet attack on the Iranian centrifuges was not just a simple virus that shut down their computers, like one you would get on your PC at home. The system in the Iranian labs was not connected to the internet. In order to attack the Iranian labs, the designers of Stuxnet first infected computers belonging to five outside companies that were believed to be connected in some way to the Iranian nuclear program. The virus was transferred to the computers in the Iranian labs on USB keys that were used to move files to Iran. Once inside the system, the code reprogrammed so-called PLC (programmable logic control) software to give attached industrial machinery new instructions. In this case, the new code manipulated valves on the centrifuges to increase the pressure inside them and damage the devices as well as the enrichment process.
Another case was in 2012, when the computer network of Saudi Aramco was attacked by a self-replicating virus later namedShamoon, that infected as many as 30,000 of its Windows-based machines. Despite its vast resources as Saudi Arabia’s national oil and gas firm, Aramco, according to reports, took almost two weeks to recover from the damage. Though not technically an attack on a military target, it was an attack on vital resources. Germany reported that one of its steel mills was damaged by a cyber attack.
One of the dangers of cyber attacks is that a powerful, sophisticated, technologically advance target can be infiltrated by a much smaller enemy. The BBC reported on several such attacks, including a takeover of France’s TV5 Monde by a group associated to ISIS. A cyber attack could shut down entire cities, crippling their computer controlled infrastructure. A similar example is the hack attack which publicly embarrassed Sony Pictures by exposing their private emails to the public. Though not a military target, it was attributed to North Korea, as a response to Sony’s release of the movie “The Interview”.
There is a drastic rise in cyber attacks, especially from the enemies of Israel.
No comments:
Post a Comment