In the United States, Israel and around the world, cyberattacks are on the rise. To get a better understanding of this growing threat, we spoke to Oleg Brodt, the chief innovation officer at Cyber@BGU, an umbrella organization of Ben-Gurion University. Born in Minsk, Brodt came to Israel when he was 12. He served in the elite “Hi-Tech Unit” of the Israel Defense Forces, where he was a team leader. Today, Oleg serves as a mentor to start-ups and tech programs and on behalf of Ben-Gurion University liaises with the many private cybersecurity firms located in Beersheba.
How are the concerns around cybersecurity changing?
The challenges are growing significantly. The internet was built without any consideration of potential cybersecurity issues. It is almost impossibly expensive to retrofit the existing structure. Even now, many technological products are being built with little concern for potential security problems. This is the “original sin” of technology—and the sin is growing rapidly. If something is “smart,” then it is vulnerable. In fact, we should replace the word “smart” with “vulnerable.” We are surrounded by growing numbers of lines of code that are insecure.
Who are the main attackers?
Initially, the main attackers were states, their militaries and their friends. The Pentagon calls cyberspace the “fifth domain”—after land, sea, air and space. Initially states used cyberspace mainly for espionage.
Now there is also interest in physical damage. In 2015, the Russians temporarily destroyed Ukraine’s ability to deliver electricity, and ten years ago, Israel was reported to have attacked Iran’s nuclear centrifuges. These attacks are going to increase. If the spillover from digital espionage to the physical domain is large enough, then it could be considered as an act of war.
In fact, the largest set of cyberattackers are now the “financially motivated” ones who attack individuals and industrial entities. We now hear about ransomware and data leakages regularly. The attackers don’t hide in dark basements. They function as “typical” business entities, with a CEO and staff. They have learned how to monetize cyberattacks and increasingly demand ransom payments through cryptocurrencies, which are difficult to trace.
A potential major actor is terrorist organizations. But we have not yet seen a terrorist organization with major cyber capabilities. Nor have we seen much from activists seeking policy changes in areas such as global warming.
Could there be a massive cyber-attack on Israel, or on another country?
It has already happened on a small scale. It was reported in the media that a Hamas armed security unit located in the building in Gaza where the AP and its journalists worked was seeking to interfere in the deployment of the IDF Iron Dome. From a broader point of view, it is much cheaper to train someone in cyberwarfare than it is to build and shoot a missile. Many countries are building cyber offensive capabilities. No one is willing to forego that capability.
Has Israel really become a major cybersecurity center?
Last year, 40 percent ($4 billion) of global venture capital investments in cybersecurity went to Israel. In the first half of 2021, $3 billion has gone to cybersecurity start-ups. Nine cybersecurity “unicorns” (private firms with valuations of over $1 billion) are in Israel. In 2020, the biggest “exits” (when a private startup is publicly traded or purchased by an existing company) in Israel were cybersecurity companies such as Forescout ($1.7 billion), Checkmarx ($1.15 billion), Armis ($1.1 billlion) and CyberX ($165 million, sold to Microsoft). Israel now has 500 cybersecurity startups. The digital economy and the accompanying need for cybersecurity have grown enormously since the start of COVID-19.
What is happening in Beersheba?
More than five years ago, the Israeli government decided to make Beersheba a world-class cybersecurity center. It built an advanced technology park. All cybersecurity units of the Israeli government will eventually move here. The government is paying 30 percent of the salaries of every cybersecurity employee in Beersheba. Fifty multinationals are now located in Beersheba. Cisco and Microsoft just announced that they are planning to establish a presence. Fifteen years ago, there was only Deutsche Telecom.
What about Ben-Gurion University?
BGU was a pioneer in cybersecurity, offering the first degrees in the field, with a few brilliant professors. We now have an entire floor, with 150 researchers and three labs, one in cooperation with Deutsche Telecom, another with the Israeli National Cyber bureau, and a third with the Israeli National Police. Our vision is to be the best in the world. We have not yet completed that vision but are on the way: We are just now building a joint cybersecurity program with the New Jersey Institute of Technology.
Where are we heading? What will be the impact of the internet of things?
To tell the truth, I am very concerned about where we are heading. Until 20 years ago, digital was digital, and physical was physical. There was no intersection between those two. Now cars are basically phones on wheels. So, imagine this scenario a few years from now. When you go to start your electric car in the morning, you may see a notification on your entertainment system that says you have to pay a ransom in Bitcoin. This scenario was impossible ten years ago. But now, it’s going to be a reality because everything is becoming connected.
Manufacturing is also becoming connected. Attackers can disable a beef manufacturing facility in the U.S. until ransom is paid. A few years ago, you had to shoot a missile to destroy a factory. Now you only have to click a button.
How will artificial intelligence (AI) impact cybersecurity?
For AI, there are three different intersections. First, we need to improve AI systems so that they can more effectively identify intrusions. At least half of Israel’s 500 cybersecurity startups are working in areas such as intrusion detection and next-generation anti-virus. Secondly, the bad guys can use AI to develop more sophisticated attacks, in terms of reconnaissance, delivery and exploitation, and, through automation, lower the costs of creating cyberattacks. The third intersection is that it creates a new weakness; the more lines of code you have, the more vulnerable you are. And AI is just a bunch of lines of code.
We discovered in the last few years how easy it is to bypass traditional anti-virus protection. Your bank has a check scanning system powered by AI that tries to figure out the sum amount on the check that you wrote. If we add a dot, , the human clerk will still understand the amount that you wrote. But it’s extremely easy to fool an AI-based model.
Unfortunately, nobody cares about a cyberattack until it’s already been deployed. Why did we not build these systems securely in the first place?’