Without taking cyber defense to a new level, the world is already in danger of being hit by a cyber pharmaceutical plague and a series of nuclear facility meltdowns, hi-tech entrepreneur Erel Margalit said Wednesday.
Speaking at the Cybertech Conference in Tel Aviv, the Jerusalem Venture Partners chairman and former MK noted, “Europe has 65 nuclear energy facilities that drills have shown to be vulnerable, and which could be hacked in ways that could cause a major issue.”
Margalit said pharmaceutical companies all over Europe were hacked in a massive cyber attack in June 2017, and that the hackers, presumed to be Russian, “could have changed the makeup of chemicals in the manufacturing of drugs... which could have brought a cyber plague to Europe.”
Instead, the hackers just stole IP addresses, but he said that did not change what they could have done or what other hackers might do in the future if companies do not up their cyber defense game.
Margalit discussed the sophistication of Israel and the West’s cyber adversaries. He said that Iran has “an army of hackers” operating in different countries in 11 independent groups with different code names.
“The Iranian nuclear threat is a future threat, but the Iranian cyber threat is an immediate threat, and Israel’s civil infrastructure is exposed and vulnerable. Eleven Revolutionary Guard strike groups attack Israeli nuclear researchers and civilian infrastructure on a daily basis,” he said.
Echoing Margalit’s warning, retired IDF Brig.-Gen. and current top Rafael cyber official Ariel Karo said, “Some hackers work like a commando unit. They collect intelligence, do advance planning, split into different units and use decoys.”
“The battlefield is now in the civilian arena,” he said, adding that only “a national level project” could “deal with all of the different kinds of threats.”
Karo said part of what made the cyber battlefield so difficult was that the only competent defense was to simultaneously multi-task with groups working on cybersecurity in real time and with others that are analyzing attacker strategies offline.
Noting that his company produced the Iron Dome missile-defense system, he said it also aspires to form a “Cyberdome” by going beyond the common threats that many are focused on and preparing for rarer military-level cyber threats.
He said Rafael had an “advantage” as it “is under attack all of the time,” helping it gain lots of experience in what high-powered cyber adversaries might try.
Other top cyber officials with military backgrounds also gave a grave picture of cyber threats.
Assuta Medical Center CEO and retired IDF Col. Ari Shamiss said that 94% of health organizations have been victims of cyber attacks. He said 88% of ransomware victims (groups locked out of their systems until they pay a ransom) were in the healthcare industry, recently costing the US $2.6 billion.
Shamiss pointed out that the dangers in the medical arena were more than just being locked out or having private information exposed, but were potentially lethal.
He said that implantable devices, such as cardiac pacemakers, could be disabled or have their functions altered to kill people.