Subtle cyberattack met with swift cybersecurity acts

At 11:30 a.m. Friday, Orian, an Israeli and international freight forwarding company, discovered the target of a cyberattack.

Aware of Amital Data, Orian’s software services partner, about the targeted attack on a computer server located in Orian’s offices, the logistics company learned that physical data, as well as data from 40 hackers Amital treatment, compromised.

According to the company, it identified the types of data taken in the attack but not the exact data taken.

“Data is similar to the new oil,” Drs. Reuven Lerner, an expert and consultant in computer programming and data science, told The Media Line.

“Data is worth a lot, a lot of money,” he said.

Orian, a partner of global supply and supply chain network DB Schenker, announced in a message to Tel Aviv Stock Exchange that it has turned to the Israel National Cyber ​​Steering Group. “Working together, we have consolidated and will continue to strengthen our data security system to prevent these situations from occurring in the future,” Orian said.

Unfortunately, the attack is nothing out of the ordinary. These and other types of cyberattacks occur more frequently than companies and countries publicly acknowledge. But what sets it apart is that the Israel National Cyber ​​Steering Group (INCD) became involved in what happened next and is immersed in working with companies at a micro level and macro to deal with cyberattacks.

“Almost every company in Israel works with the Israel National Cyber ​​Steering Group. As soon as the logistics company and its partners learned about the attack they took action to shut it down. At the same time, the steering group informed other companies about the attack and what defensive actions should be taken, ”said Tel Aviv University Prof. Isaac said Ben-Israel.

Ben-Israel, a retired senior general in the Israeli Air Force who teaches military, security and technology subjects, was in charge of two action groups that shaped the country’s national cyber policies and its national cyber authority. – the INCD.

He told The Media Line, “Israel was the first country to understand and conclude that cyber – before cyber became a term – needed a national program.

“Early on we realized how unusual our situation was with other regional players. Israel has many more advanced systems that could be damaged than our neighbors. We have created a national program for emergency infrastructure such as electricity and water, as well as for the protection of hospitals and transport, ”said Ben-Israel.

So in 2015, the National Cyber ​​Security Authority (NCSA) was created and its services were outsourced to the Israeli private sector. In late 2017, the government decided to merge the NCSA with the Israeli National Cyber ​​Bureau to create the INCD.

Within the steering group, which employs approximately 350 people, is the Cyber ​​Emergency Response Team (CERT). Headquartered at a business park in the southern city of Beersheba, CERT receives and handles hundreds of reports and information about cyberattack attempts or threats, from local and international partners, every day.

Like calling the police at 911, fire services, ambulances and other emergency services, a dedicated three-digit phone number goes directly to CERT. It is well used.

From September 2019 through September 2020, CERT handled over 10,200 events. The most common type of cyberattack, at over 43% of the total, came from social media incidents, while attacks to enter data and communication networks stood at over 30%.

This comes on the news this weekend that hackers, believed to be linked to the Russian government, broke in and gained access to U.S. intelligence, taking into the networks of the Department of Finance and Trade departments.

U.S. media outlets accuse U.S. officials of saying that cyber actors, or “threat actors” like Yochai Corem, the leader of Cyberint, a leading provider of intelligence-led digital risk protection, are calling them exploiting this. vulnerability to access sensitive data.

“Hacking is a business with multiplayer from different sources and with different reasons for joining other people’s networks,” Corem told The Media Line.

“Digital security guards like Cyberint try to figure out network vulnerabilities, open doors or windows in the physical world as it were, before others unintentionally do,” Corem said.

He noted that by conducting in-depth searches of the dark web (internet networks frequently used by criminal elements and hackers that are not visible to everyday search engines), we can gain a better understanding find out what types of hacking codes are available and what kind of information has been stolen.

Even more troubling for Corem and Ben-Israel are the often unrecognized interconnected interests organized among “threat actors”: hackers, criminals, criminal groups and countries.

“The first real cyberattack came in 1986 when East German criminals bought computer time from the University of California, Berkeley computers and took advantage of connections to Lawrence Livermore, the U.S. nuclear research, national laboratory networks to access data secret and then sell it, “Ben-Israel said.

“After they were captured, the group said they only did it for money. But this is where it gets interesting. After the fall of the Berlin Wall in 1989 and the opening of the East German archives, it appears that the person paying them was a KGB worker, ”said Ben-Israel.

“Today the modus operandi remains as it is and many times you cannot tell who is working against you,” he fled.

With today ‘s fulcrum technology of life, hacking is the unforeseen consequence of the whole world using computer hacking in products.

“Over 100 years ago when cars were introduced, we created car accidents. Today with the introduction of computer chips into more and more products, we are creating conditions for an increase in hockey attacks, ”said Ben-Israel.

The cybersecurity industry is well aware of this.

Palo Alto Networks, director of global cybersecurity, released his report “EMEA 2021 Cyber ​​Security Predictions”, outlining the various factors that enable cyberattacks.

Not surprisingly, the coronavirus infection plays its part in weakening cybersecurity.

The company notes that as a result of “security policies being relaxed by the need to allow employees to use their devices at home,” and with many households with 20 to 50 Linking to the internet, there are “increased risks in accessing critical business systems and information.”

The future will not be easy for any computer network and information system: not in bureaucracies, physical environments, and security and defense agencies. Not even in what we used to consider the safest, our homes.

As the world moves on, cyberattacks and cybersecurity will continually fight for supremacy. No one expects 2021 or beyond to be any different.