When Israel Defense Forces chief Lt. Gen. Benny Gantz
delivered a high-profile speech this month outlining the greatest threats
Israel might face in the future, he listed computer sabotage as a top concern,
warning a sophisticated cyberattack could one day bring the nation to a
standstill.
Gantz was not speaking empty words. Exactly one month before
his address, a major artery in Israel’s national road network in the northern
city of Haifa suffered a cyberattack, cybersecurity experts tell The Associated
Press, knocking key operations out of commission two days in a row and causing
hundreds of thousands of dollars in damage.
One expert, speaking on condition of anonymity because the
breach of security was a classified matter, said a Trojan horse attack targeted
the security camera apparatus in the Carmel Tunnels toll road on September 8. A
Trojan horse is a malicious computer program that users unknowingly install
that can give hackers complete control over their systems.
The attack caused an immediate 20-minute lockdown of the
roadway. The next day, the expert said, it shut down the roadway again during
morning rush hour. It remained shut for eight hours, causing massive
congestion.
The expert said investigators believe the attack was the
work of unknown, sophisticated hackers, similar to the Anonymous hacking group
that led attacks on Israeli websites in April. He said investigators determined
it was not sophisticated enough to be the work of an enemy government like
Iran.
The expert said Israel’s National Cyber Bureau, a
two-year-old classified body that reports to the prime minister, was aware of
the incident. The bureau declined comment, while Carmelton, the company that
oversees the toll road, blamed a “communication glitch” for the mishap.
While Israel is a frequent target of hackers, the tunnel is
the most high-profile landmark known to have been attacked. It is a major
thoroughfare for Israel’s third-largest city, and the city is looking to turn
the tunnel into a public shelter in case of emergency, highlighting its
importance.
The incident is exactly the type of scenario that Gantz
described in his recent address. He said Israel’s future battles might begin
with “a cyberattack on websites which provide daily services to the citizens of
Israel. Traffic lights could stop working, the banks could be shut down,” he
said.
There have been cases of traffic tampering before. In 2005,
the United States outlawed the unauthorized use of traffic override devices
installed in many police cars and ambulances after unscrupulous drivers started
using them to turn lights from red to green. In 2008, two Los Angeles traffic
engineers pleaded guilty to breaking into the city’s signal system and
deliberately snarling traffic as part of a labor dispute.
Oren David, a manager at international security firm RSA’s
anti-fraud unit, said that although he didn’t have information about the tunnel
incident, this kind of attack “is the hallmark of a new era.”
“Most of these systems are automated, especially as far as
security is concerned. They’re automated and they’re remotely controlled,
either over the Internet or otherwise, so they’re vulnerable to cyberattack,”
he said. Israel, he added, is “among the top-targeted countries.”
In June, Prime Minister Benjamin Netanyahu said Iran and its
proxies Hezbollah and Hamas have targeted Israel’s “essential systems,”
including its water system, electric grid, trains and banks.
“Every sphere of civilian economic life, let’s not even talk
about our security, is a potential or actual cyberattack target,” Netanyahu
said at the time.
Israeli government websites receive hundreds and sometimes
thousands of cyberattacks each day, said Ofir Ben Avi, head of the government’s
website division.
During Israel’s military offensive on the Gaza Strip last
year, tens of millions of website attacks took place, from denial of service
attacks, which cripple websites by overloading them with traffic, to more
sophisticated attempts to steal passwords, Ben Avi said.
Under constant threat, Israel has emerged as a world leader
in cybersecurity, with murky military units developing much of the technology.
Last year, the military formed its first cyberdefense unit.
Israeli cybersecurity experts say Iran and other hostile
entities have successfully hacked into Israeli servers this year, and that
Israel has quietly permitted those attacks to occur in order to track the
hackers and feed them false intelligence.
Israel is also widely believed to have launched its own
sophisticated computer attacks on its enemies, including the Stuxnet worm that
caused significant damage to Iran’s nuclear program.
Bracing for serious attacks on Israeli civilian
infrastructure, Israel’s national electric company launched a training program
this month to teach engineers and power plant supervisors how to detect system
infiltrations.
The Israel Electric Corp. says its servers register about
6,000 unique computer attacks every second.
“Big organizations and even countries are preparing for
D-Day,” said Yasha Hain, a senior executive vice president at the company. “We
decided to prepare ourselves to be first in line.”
The training program is run jointly with CyberGym, a
cyberdefense company founded by ex-Israeli intelligence operatives that
consults for Israeli oil, gas, transportation and financial companies.
On a manicured campus of eucalyptus trees across from a
power plant in Israel’s north, groups are divided into teams in a role-playing
game of hackers and power plant engineers.
The “hackers,” code-named the Red Team, sit in a dimly lit
room decorated with cartoon villains on the walls. Darth Vader hovers over
binary code. Kermit the Frog flashes his middle finger.
In another room, a miniature model of a power station
overflows with water and the boiler’s thermometer shoots up as the role-playing
hackers run a “Kill All” code. The exercise teaches employees how to detect a
possible cyberattack even if their computer systems don’t register it.
About 25 middle-aged employees attended the first day of
training last week. The course will eventually train thousands of workers, the
electric company said.
CyberGym co-founder Ofir Hason declined to comment on the
toll road shutdown, but said the company has seen a number of cyberattacks on
infrastructures in recent years.
Israel is especially susceptible because it has no
electricity-sharing agreements with neighboring states, and all of the
country’s essential infrastructure depends on the company for power.
“We’re an isolated island,” he said.
No comments:
Post a Comment