Beer Sheva, Israel – Here in the middle of the Negev Desert, a cyber-city is rising to cement Israel’s place as a major digital power. The new development, an outcropping of glass and steel, will concentrate some of the country’s top talent from the military, academia and business in an area of just a few square miles.
No other country is so purposefully integrating its private, scholarly, government and military cyber-expertise.
Israel is a nation of 8 million people with little in the way of natural resources. But in global private investment into cybersecurity firms, it is second only to the United States, with half a billion dollars flowing to the sector annually. Israel has not only vowed to repel the thousands of daily hack attacks against everything from the electric grid to ATMs, but has promised to build its commercial cyber-sector into an economic powerhouse.
More quietly, the Jewish state is also at the cutting edge of cyber-offense, developing stealthy computer weapons to penetrate its enemies’ networks. The United States and Israel, working together, launched the world’s most destructive cyberweapon known to date, Stuxnet, which was let loose on Iran’s Natanz nuclear enrichment facility to devastating effect.
But where the two countries diverge is in Israel’s apparent ability, because of its size, history, geography and culture, to organize itself to defeat cyberthreats. Different sectors of society – that in the United States do not have a tradition of collaborating – appear willing in Israel to work closely together under a strong centralized authority.
“You will not find it in the United States,” said Eviatar Matania, the head of the National Cyber Bureau. “First, we have more enemies than others. We understand that the cyberthreat is here and now. Second, a lot of Israel’s high-tech and innovation culture is in cyber. This is where we can gain an advantage over other countries in defending ourselves. And thus, we see cyber not just as a threat to mitigate, but also as one of our economic engines.”
And that strategy is the foundation of Beersheba.
A cyber emergency response team, which was launched in 2014 to respond to cyber crises, will be housed in the midst of this booming development. It is part of the National Cyber Security Authority, which is mandated to protect all private-sector systems.
Nearby, next to a new advanced technology park that already houses cyber firm incubators and global companies such as PayPal, Lockheed Martin and Deutsche Telekom, backhoes are preparing a construction site that will become the headquarters of the Israeli military’s cyberdefenders.
Eventually, the nation’s secretive, elite cyberattack branch – the army’s Unit 8200 – will also burrow in here. The two branches are scheduled to merge next year. They in turn will work closely with the National Cyber Security Authority.
Joining the effort will be the Shin Bet, Israel’s security agency, which as well as its role in Israel and the occupied territories, has been a key cyber player for more than a decade. And completing the complex is Ben-Gurion University of the Negev, which is the nation’s top school for cybersecurity. The university will also work with the cyber-response team.
“What you get out of that is the research capabilities that academia brings, the real-world knowledge that the [tech firms] bring, the hands-on experience that the military brings, alongside the entrepreneurial ability that the start-ups bring,” said Nadav Zafrir, a former head of Israel’s Unit 8200, who is himself now a tech entrepreneur. “You put all that together, it sparks magic.”
– – –
Israel will never achieve a cyberespionage network on the scale of the United States. But it wants to be feared in the region, and its computer hacking and spying skills are sophisticated and innovative.
“The United States has more capabilities than Israel in cyberspace,” said Gabi Siboni, director of the cybersecurity program at the Institute for National Security Studies in Tel Aviv. “But we are small. We are very anxious, and it’s the difference between a speedboat and an aircraft carrier. We go very fast.”
So central is security seen for the state’s survival that every citizen – men and women alike, with exceptions for ultra-Orthodox Jews and the Arab population – is required after high school to complete a term of military service. The cream of the computer science and math crop are scouted by the elite military cyber-units when they are as young as 14.
“If you ask me what’s the biggest secret of the Israeli high-tech system, it’s the military’s ability to look at people when they are in high school,” Zafrir said.
The roots of Israel as a cyber power go back to the 1973 Yom Kippur War, said retired Brig. Gen. Yair Cohen, another former head of Unit 8200, which employs thousands of soldiers and serves a role similar to the National Security Agency. In less than three weeks, Israel lost more than 2,000 soldiers largely because of a dramatic failure of intelligence.
As a result, the Israel Defense Forces (IDF) decided to reinforce their signals intelligence arm, Unit 8200. The unit sought the best code-makers and code-breakers, Cohen said. It also began to conduct its own research and development, with soldiers building radio interception, and now cyber tools. “We cannot wait for someone in the United States to give us technology,” said Cohen,who now runs his own cyber venture capital firm.
Today, the military is working closely with the National Cyber Bureau, and is seeking legislation that will allow it “to be a major player in defending the nation” against cyberattacks and to take action against adversaries, said Brig. Gen. Danny Bren, head of the branch in charge of defending the military’s computer networks.
The military hopes to establish a cyber-command by the second half of next year, a move the United States took seven years ago to merge the missions of attack and defense. Bren likens it to boxing. “You don’t see the boxers only throwing punches, or only blocking,” he said. “They must do both.”
Israel’s ability to play offense came to light in a joint operation with the United States called “Olympic Games,” a campaign to disrupt Iran’s nuclear enrichment program. Discovered by private-sector researchers in June 2010, the computer worm Stuxnet caused nearly a thousand centrifuges at Natanz to spin out of control, requiring replacements. Never officially acknowledged by either country, the campaign nonetheless showed the world what was possible with a cyberweapon and it spurred other countries – Iran chief among them – to set up cyber-commands.
“This global understanding drove everybody to a cyberweapon force buildup,” Bren said.
But Israel’s desire to act has sometimes created friction with even its closest ally. In 2012, Iran detected a series of cyberattacks that wiped data from networks in its oil industry. Investigating the malware, private-sector researchers discovered a cyberespionage tool that had been created jointly with the United States years earlier, but which Western officials said was launched by Israel in a unilateral operation. That deployment annoyed the National Security Agency, as it led to the discovery of the spy tool, dubbed Flame.
But, said a former senior U.S. intelligence official, “it was generally viewed as being worse for the Israelis than it was for us” because it was their primary cyberespionage tool.
“Any time two states agree to tackle complex and consequential projects together, misunderstandings and occasional disagreements are inevitable,” said Stephen Slick, a former CIA station chief in Tel Aviv who now teaches at the University of Texas in Austin. Nonetheless, he said, “a deep reservoir of mutual respect and trust exists between the Israeli and U.S. security communities, with both sides recognizing the benefits of close collaboration in cyber-activities.”
– – –
High on the 22nd floor of Israel Electric Corp., the nation’s main electric utility, a jumbo-screen on a wall shows the frequency and intensity of attempted hacks into the government-owned company’s network. Israel Electric, located in Haifa on the Mediterranean Sea, two hours north of Beersheba, is one of the most targeted entities in Israel.
A successful attack could disrupt power to virtually all of Israel, said Yosi Shneck, the company spokesman. But to date, none has succeeded. His engineers have help from an outside source: Shin Bet. Besides thwarting physical terrorist attacks, the security agency is responsible for protecting 30 or so critical entities from cyberattack. The list was drawn up by Israel’s parliament and includes the Bank of Israel, oil refineries and the blood bank. That is the equivalent of the FBI regulating major U.S. businesses or private entities for cybersecurity – an authority that would alarm American companies and civil libertarians and could not secure support in Congress.
But in Israel, the fear of a major attack is greater than concern for privacy, said Rami Efrati, a former National Cyber Bureau official.
The Shin Bet does not monitor the companies’ networks. It sniffs out threats before they hit the firms. It also relies on sensors the companies install in their systems to gather information that is then fed back to the security agency. In turn, Unit 8200 and Mossad, the foreign intelligence agency, also share cyberthreat data with Shin Bet. By contrast, in the United States, it took years to pass a law to encourage – not compel – companies to share computer data with the government.
Yaron Wolfsthal, who heads an IBM research lab at Ben-Gurion University here, is anticipating more cross-pollination in the desert, as he awaits the arrival of army cyber-units.
“We can work with them even before they are discharged,” he said, noting some will be working toward advanced degrees. And, he added, “The technical engineers will go from their home to the base everyday, and on the way, they will see banners for all the companies here. This primes them to consider working in those companies later on.”
The military’s elite cyber-units, for their part, have created a climate that fosters innovation and encourages people to stay even after their terms of service are up – three years for men and two for women. “Unit 8200 works like a start-up,” said Tomer Touati, a captain who stayed for six years and is now with PeriTech, a cyber venture capital firm. “You have your own R&D team. You can pick up the phone or send an email to another R&D team and say, ‘Look, I think if you do this and this, we can work faster or better.’ ”
And Israel is also grooming its next generation of warriors to populate the cyber-infrastructure it is building.
At Ohel Shem High School in Ramat Gan outside Tel Aviv, a uniformed recruiter sits in on sophomore math classes, scouting candidates for the units that protect the military’s networks.
Military cyber-officers are now mentoring students at four Israeli high schools that have advanced courses in math and computer science. The two-year-old program has more than 800 students.
“My dream since childhood is to work in computers and cyber,” said Yarin Zeevi, 18. “This,” she said, “is what I can give to Israel, as a citizen and as a soldier
To lure students to sign up for cyber-units, the military organizes trips to its training base near Tel Aviv where students can get a taste of the action. One recent excursion featured a “hack-a-thon” in which the students were assigned to build an Android app that would allow a smartphone to take a person’s picture and then use facial-recognition software to search databases for a match.
“We are looking for talent,” said Capt. Rotem Bashi, a commander in a cyberdefense unit, “because the . . . next war will be in cyberspace.”
(c) 2016, The Washington Post · Ellen Nakashima, William Booth