Most of Israel’s technology, economics and news media recently recycled a post originally uploaded by the American information security blog Krebs on Security, citing the Columbia, MD-based CyberESI information security firm, according to which severe security breaches were used to implant malicious software into the computers of leading Israeli defense companies.
According to the blog, computers at these companies were implanted with malicious software throughout 2011-2012, software used later as a “back door” by hackers with connections to the Chinese security forces. These hackers infiltrated the databases of the Israeli companies’ research and production branches, extracting, according to estimates, terabytes of data.
None of the so-called stolen documents lifted from the Israeli firms were actually presented by CyberESI, and its own role in the affair is unclear. It appears that instead of real information having to do with hacked computers at leading Israeli defense companies, a brilliant marketing campaign orchestrated by CyberESI succeeded above and beyond all expectations.
Unlike the flood of identical news items popping up in Israeli media, accompanied by threatening headlines describing the so-called theft of valuable information regarding core Israeli defense technologies – and especially the holiest of holies, the Iron Dome missile defense system – the iHLS news website offers another direction, a little less panicked and based on actual facts:
1. Israel’s leading security industries are strictly regulated by the General Security Service (Shin Bet), which, through the Israeli information security authority (Re’em), dictates to the companies how to act – which hardware and software components to acquire, from whom, and how to configure them. Re’em has extensive experience and skill; it’s also very likely to have access to a massive database of methods and means of attacking Israeli computing infrastructure. Re’em guides each and every defense organization and company, helping them protect their information.
2. In addition, the leading defense firms must comply with the U.S. government ITAR regulations, controlling imports and exports of defense-related articles and enforced by the Department of Defense. Since some of the projects of these companies are connected, for example, to the Boeing and Lockheed Martin fighter jet projects, the companies are subject to constant and uncompromising American regulation.
3. For by wise counsel you shall make thy war: Israel’s enemies have an obvious interest in uncovering the secrets of the Iron Dome, the Arrow and countless other projects partially led by Israeli companies. According to iHLS it’s likely that this was false information intentionally fed by Israel to its enemies.
4. Honey networks: Civilian companies, private individuals, not to mention defense companies that attract the most notorious hackers, all build traps in their back yards to attract the gullible. It’s important to know the countries of origin of these information seekers, and sometimes their exact IP addresses and domains, as well as the methods, means, software and automated tools they use to carry out the attacks.
5. All the information collected from hacker attacks on news networks, power stations, Israel Railways, Department of Health, the IDF Spokesman and many, many more – all of it is collected into one database, and there are many ways to apply the conclusions gained from analyzing it. Even computer infrastructures that include routers, switches, load balancers and firewalls are ruined every once in a while, physically and logically.