This post is also available in: עברית (Hebrew)
“There are no magical solutions for terror, and there are no magical solutions for cyber attacks. These days, however, the situation can be improved through planning, awareness and investment. Hackers can even be deterred through various means.” This according to Yuval Diskin, former chief of the Israeli General Security Service (Shabak), at the opening of the IPRED 3 conference in Tel Aviv. IPRED is an international organization focusing on readiness and emergency response to natural and man-made disasters.
Most of the discussion focused on cyber threats against the medical establishment, locally and worldwide. Yival Diskin, today a consultant on special cyber defense methods, addressed the recent developments in the area.
The bad news first: “Almost all of the systems today are computerized. We’re irrevocably dependent on computers. Hundreds of millions use smart phones, tablets and laptops, although the security level of those devices is pathetic. Water systems, electric grids, chemical plants, nuclear and industrial facilities, cars, trains, ships and airplanes – everything is computerized, everything is networked, everything is sensitive and almost everything is unprotected.”
Diskin referred to 9/11: “Prior to 9/11, could anyone imagine a simultaneous missile attack on the World Trade Center and the Pentagon? And there, 19 terrorists, 4 passenger planes, years of planning and preparation, all led to three gigantic planes turned missiles and the most horrific terror attack in history. As to the cyber arena: One man, with zero investment, from his comfortable couch, can destroy a chemical plant or an entire city.”
There are also good news, however. According to Diskin cyber attacks can be prevented, as long as authorities understand how hackers think. There are already some defense methods that can detect cyber attacks even before they happen, and researchers are developing tools that will deter hackers. Effective cyber defense depends on cooperation between experts.”
Daniel Gerstein, U.S. Department of Homeland Security Undersecretary, said that cyber threats are multiplying and not enough resources are invested in cyber defense. Never in history a lone terrorist could have done so much damage to an entire state. In 2013 the U.S. lost billions of dollars to banking fraud, for example. Severe attacks hit Estonia and Iran, and 30,000 computers were disabled in Saudi Arabia. Statistically, 1 out of 15 U.S. citizens is under threat of cyber attack. “Three government offices in Washington – The Justice, Defense and Homeland Security departments – are cooperating on this issue, with additional efforts directed at cooperating with the academy and other countries.”
According to Gerstein one of the problems is the massive amount of data. 2 million people and 32,000 containers enter the U.S. every 24 hours. Someone has to check them all, and that’s just one example of huge masses of information that must be reviewed and monitored. All of these databases are, of course, vulnerable to cyber attacks themselves. Solutions include plenty of professional training, drills, awareness, equipment standards, planned emergency responses, in addition to, of course, maintaining privacy.
Rami Efrati, systems security expert, went into detail about medical cyber threats. “In the near future robots will conduct surgery and implant medical devices in the patient’s body. The robot, the device, both can be targeted by hackers – even while the operation is still ongoing. The situation is similar for national-level systems, hospitals, medical records, medicinal arrays, medical devices and pharmacies.” According to Efrati the Israeli Health Ministry keeps the systems safe, as Israel invests a lot of effort in cyber-defense. The international community should convince manufacturers of devices and systems to standardize their products, in order to ensure their immunity to cyber attacks.