Former top government cyber officer and current Konfidas CEO Ram Levi claimed in a recent interview that cyberattacks against Israel will increase dramatically as the Ukraine crisis fades from the spotlight.
“They will [escalate] continuing to try to hack. There was a [relative] slowdown in hacking because Russia has been focused on the war. But after, they will attack even more aggressively again.”
He mentioned explicit Russian plans to increase the intensity of its attacks on the West, and that this escalation “could hurt us [Israel] a lot,” stated Levi.
During recent Iranian intrusions, his cyber business was able to pinpoint the moments of Iranian hacking in real-time. Levi explained how his company achieves it, saying that “almost all cyber actions leave fingerprints. Sometimes an increase in activity can reveal problematic activity, sometimes not. You need to [generally know] who is attacking in order to find the fingerprint.”
In light of this, as well as two incidents in which breached companies willfully delayed patching security flaws they had been warned about, he was asked if the Israel National Cyber Directorate (INCD) should be given additional powers to interact and actually force more private-sector firms to carry out such cyber patches.
According to records in that case that have yet to be reported on, but which The Jerusalem Post has recently revealed, instead of thousands or tens of thousands of Shirbit documents being released in late 2020, 707 documents were exposed. The government announced that the public to stay alert and aware of Cyberattacks by Iranian Hackers.
Only 41 papers containing customers’ identifying numbers and seven documents containing clients’ credit card data were exposed out of the 707 total.
Shirbit stated that it provided logistical and financial assistance to these clients if they needed to replace their cards.
Levi, Shirbit’s outside cyber analyst, noted in court records that while the US organization NIST has some cyber standards, some of which Shirbit may not have satisfied, these standards are not employed as mandatory or even always relevant to all firms in all industries.
What could be a reporting paradigm for Israel?
Companies in the United States will be required to comply with a new policy “do need to report being hacked within 72 hours,” although there is no similar Israeli requirement that applies to all fields, “people in Israel don’t and will not know the data on such hacks.” Also, you might be interested in reading US Banks prepare for Cyberattacks after the latest Russia sanctions.
If there was legislation forcing every hack in Israel to be reported to INCD, “we could do an analysis about which fields are defended and which are not. Now we don’t know. INCD knows about critical infrastructure, but not beyond that. But support fields getting hacked can lead to critical infrastructure being taken down. We need to look at defense holistically.”
With the majority of recent hacking news ascribed to Russia or Iran and the Iranian hackers attacking Israeli company Cyberserve he was questioned if Chinese cyber espionage remains a concern.
“Yes, we need to worry all of the time. And North Korea is also trying to spy and is often succeeding,” he said.
With Israel having been targeted by many fresh cyberattacks in the last week, the prospect of a big new escalation will assure that Levi and others have many late cyber event nights ahead of them.