It seems that in recent years organizations and governments have failed to protect personal data records of citizens, as well as data storage systems. And it isn’t just our credit card or our identity card numbers that are under discussion here, but rather the failure of states to protect themselves in the face of cyber-attacks.
The notion that all that is needed to assure information security is a firewall installation and an antivirus software has proven false.
It began with the silencing of the Internet in Estonia against the backdrop of its tense relations with Russia back in 2007, when some of the critical systems in the country were subsequently put out of operation. It continued with a series of cyber-attacks on websites in Georgia in the framework of another confrontation in which Russia was involved [during the 2008 South Ossetia war]. It was carried on in the course of the Olympic Games in Beijing in 2008, and it did not stop there. Even RSA, one of the world's largest information security companies, was not immune to cyber-attack; [in March 2011,] hackers gained access to its servers, and, [according to reports,] the stolen RSA information was used to hack the American fighter aircraft manufacturer Lockheed Martin and steal confidential information.
Google came under [a massive] cyber attack that originated in China and was apparently aimed at the Gmail user accounts of Chinese dissident human rights activists. Israelis, too, experienced cyber-attacks firsthand earlier this year [in January 2012], when Saudi hackers broke into web servers of e-commerce sites and posted the credit card details of thousands of Israelis, which they claimed to have stolen.
In fact, the past two years have marked a watershed in the approach of [cyber] security organizations and governmental agencies to the issue. While in the past, cyber-crime was considered an economic matter, one taking place between a local bank branch and a pimpled teenager or a mafia family in some East European country, the “bad guys” these days are states or security agencies operating on their behalf. According to Eyal Bavli and Yvon Le Roux, information security experts operating from Cisco’s headquarters in Paris, cyber-attacks are becoming one of the biggest nightmares for heads of state worldwide and, in particular, in the West.
“Cyber attacks by organized crime are not as sophisticated as all that”
Cyber has become an integral part of the national security concept of the European countries, as well as of inter-governmental political alliances like NATO, mainly on account of its far-reaching implications. Le Roux says that 7% of the GDP growth in the 20 developed countries (G20) is derived from the high-tech industry. However, due to cyber-crimes, especially by rival security agencies, the contribution of the high-tech industry to economic growth stands at only about 4%, as defense against such crimes and damage repair have their cost. That’s why, for the first time ever, the World Economic Forum ranked cyber-attacks along with greenhouse gas emissions and fiscal instability in its 2012 report of global risks.
“The Internet is not just a tool that affects our lives in terms of work, social relations, gaming or education,” says Yvon Le Roux, vice president for Physical Security Products at Cisco Systems, targeting the market of governmental agencies and [computer] security organizations.
“The Internet is also a national resource, which serves as a growth engine of states, and states are also those entities that use the Internet to push their agenda, while enjoying productivity growth thanks to their use of the Internet. However, as a result of all this, a large part of the economic and social gains derived from the Internet are liable be set off by other states or by the ‘bad guys’ playing in this arena.”
Le Roux further argues that while hacker activists [or hacktivists, as computer hackers whose activity is aimed at promoting a social or political cause have come to be known], such as Anonymous, attract much media attention, the economic damage they cause is relatively insignificant compared with the damage caused by states or espionage bodies.
“Cyberspace has become the arena of competition between states, in much the same way that space became the arena of confrontation between the superpowers 50 years ago. If I were asked to grade cyber-attacks by sophistication, I would rank crime organizations at 5 [in a scale of 1 to 10 – they are not as sophisticated as all that]; at the same time, espionage cyber-attacks by states deserve the ranking of 8. Such cyber conflicts between nations may impact innocent civilians, the way it was in Estonia [in 2007], when the entire country was darkened for whole two weeks.”
“We are under constant attack”
It is, in fact, a new form of warfare, says Eyal Bavli, a former Israeli defense establishment official who is currently serving as National Security and Defense Leader for Europe, the Middle East, Africa and Russia at Cisco Systems.
“The ways and forms [cyber] attacks can take are limited by the imagination alone these days,” Bavli told the Israeli daily business newspaper Calcalist. “In a world where the Internet constitutes the basis for numerous systems, many networks are built on it — monitoring and control networks of cities, road traffic, hospitals, airports [and the like]. Who dreamed 20 years ago that 85% of the world’s inhabitants would go around equipped with cell phones, and who imagined then that national growth could be undermined through attacks over the Internet?”
Bavli is witness to such cyber attacks daily, and not only when serving his customers, but even more so within his own organization. As a communications equipment giant, Cisco Systems is first and foremost the spearhead of the Western world vis-à-vis the media giants of China, primarily Huawei Technologies and ZTE. “We are under constant attack,” Bavli recounts. “And we detect thousands of [cyber] attacks each day. We have found that we are targeted by sophisticated attackers who are collecting information about us and who are using this information to formulate an attack strategy; these are attackers who are familiar with our defense layers. And it’s large, smart and determined organizations that we are talking about here. They are the kind of burglars who don’t break in through the main door, but rather penetrate by way of the ventilation ducts.”
Identifying cyber attacks in real time
Cisco Systems is not just another company competing in the market against the Chinese giants, which are funded in part by the government in Beijing. Being a [leading] provider of communications products, Cisco Systems is in a position to monitor a significant part of the global communications traffic. According to Le Roux, the products offered by Cisco Systems are like sensors that enable the company to keep an eye, watching from the sidelines, on numerous network attacks. “We can monitor even more activity than Google can,” Le Roux adds, “and this allows us to perform analyses in real time, while the attack is unfolding, like a plumber who sees all that is happening within the plumbing.”
It seems that governments have failed to protect both themselves and us
Bavli: “Governments [worldwide] have woken up to the problem and are trying to come up with an adequate response. However, no kind of protection can be completely hermetic – there is no foolproof solution. But I would not recommend a panicky reaction. [We are continuously developing sophisticated solutions.] Yet, it should be borne in mind that sophisticated solutions give rise to even more sophisticated hacking techniques.
We should realize that firewall and antivirus software are not enough and that in order to offer comprehensive protection, governmental cyber activity should employ not only information security technologies, but legislation and education, as well.
Le Roux: “Cyber warfare has become an arms race to all ends and purposes, and it is up to the nations of the world to resolve the conflict, which they should do through negotiations. The [cyber] industry can attempt to stimulate and inspire discussions on the issue and it can try to educate the players in the cyber arena, but at the end of the day, the decision is essentially political. The world leaders need to wake up to the issue and define new norms, including the sharing of information between governments in this sphere, which unfortunately, they have not managed to accomplish thus far.
Bavli: “Governments tend to divert more and more funds nowadays towards cyber. At the same time, it is interesting to note that they are reducing their overall defense budgets. However, it cannot be argued that the investment in cyber technology is invariably made at the expense of the investment in defense, in general. In fact, quite often, it comes at the expense of other government expenditures, such as the health or education budgets.”
The Israeli government has established a military cyber command and transferred 10 million shekels [nearly $2.68 million] in the last month alone to the cyber command and the Administration for the Development of Weapons and Technological Infrastructure (MAFAT) for cyber research and development. What grade would you give it?
Bavli: “I would rather not rate the performance of the Israeli government. I can say, however, that Israel is one the most advanced countries in the sphere of cyber — both as a manufacturer of knowledge and as an integrator of technologies.
The [Israeli] prime minister set the sphere of cyber as one of his priorities, and we are familiar with the efforts made in this sphere by the Administration for the Development of Weapons and Technological Infrastructure and the [Israeli] Ministry of Defense.”
Still, what would you recommend to the government [of Israel] to improve?
Bavli: “The country [Israel] is making progress in the right direction. I would perhaps recommend that it accelerate the processes it is managing in this sphere – and not because it is not working fast enough, but rather due to the fact that the threats are growing fast and are becoming ever more sophisticated. Israel is exposed at present to all kinds of network attacks: on the part of [hacker] activists, terrorist groups and other states. At the same time, the private sector in Israel, too – that is, banks, energy companies and so on – are all under an ongoing attack.”
NDS is to secure video conferences
In the course of the present year, Cisco Systems has concluded its largest purchase in Israel to date — NDS, an information security company for TV networks, purchased for the amount of $5 billion. Le Roux discloses that the technology developed by NDS, which previously served mainly to forestall illegal use of TV converters and to protect the intellectual property of broadcasting organizations, will be applied by Cisco for information security in the sphere of video conferences. It is one of the most popular products of the company among organizations that habitually use video conferencing.
However, Le Roux rules out the possibility that Cisco will turn NDS into its global information security research and development center. “It's a little too early to tell. We are currently busy integrating our activity with that of NDS, a company that employs a large number of workers, and we should be careful about it.”