Two years ago (June 16, 2015), I published an article in Israel Defense magazine, questioning the intended establishment of the cyber arm by the IDF – an arm that should have encompassed all of the aspects of the cyber activity. I estimated that the intended process would not actually materialize as cyber cannot be 'regimentalized,' namely – subordinated to military-hierarchical logic, removed from the fast-paced reality the cyber world dictates. We have recently learned that the idea faded away and that the IDF divided the task of handling the cyber activity between the C4I Corps, charged with protecting the military networks, and the Corps of Intelligence, charged with collection and further utilization of the cyber field.
This division is more appropriate than the concept of the unified cyber arm, as each of the fields of activity requires different skills, different operational concepts and different personnel training processes. The cyber-related initiatives being implemented at the national level seem to be experiencing a similar process of confusing disciplines and activities.
The early emergence of this field in Israel had led the Prime Minister to establish a cyber bureau subordinated to his office that would promote the development of infrastructures and the training of personnel and fully utilize the technological and economic potential offered by the cyber field. Meanwhile, the market forces have entered the picture – the major corporations and small start-up companies, the venture capital funds and the capital market – and these elements have been propelling the field forward by their own power, at a high speed, while spreading in many directions and leaving the national cyber bureau behind.
Unnamed laboratories are in operation in China, Russia, North Korea, Iran and other countries, developing the capabilities required in order to damage national infrastructures.
The damage these elements can inflict is very real. We are currently witnessing the serious upheaval experienced by the US government system while the US intelligence agencies are doing their best to understand the manner in which the Russians had hacked into the American election system, the effects of that hack, its motivation and the ways to prevent similar hacks in the future.
In Israel, the Prime Minister was wise enough to order, about two years ago, the establishment of the national cybersecurity authority. An alumnus of the Israeli start-up industry and the security and intelligence community was appointed to head this authority. The authority constitutes an umbrella organization for all of the organizations and bodies in Israel. It provides monitoring, updating and instruction regarding cyber threats and threat development trends, and equally importantly – guidance and instruction for the general public which, in such situations, tends to rely on rumors and become needlessly stressful.
The national cyber bureau, on the other hand, is at a crossroads. As stated, the cyber industry is in full swing, propelled by economic forces and therefore less in need of the incubator the cyber bureau had been intended to create for it. On the other hand, some gaps have formed at the national level which the cyber bureau is unable to fill and may even disrupt, owing to the special status it enjoys with the Prime Minister.
It is not my intention to refer to the responsibilities specified for the cyber bureau, which are hard to quantify and whose contribution is difficult to evaluate, such as encouraging long-term R&D, training personnel at the national level or promoting foreign relations with similar organizations overseas, some of which can boast some academic credentials but not much more.
Some areas, however, require the attention and presence of the state and the law enforcement authorities. The cyber activity that made Israel famous worldwide had sprouted from the defense establishment, notably the Israeli intelligence services.
Most of the start-up companies established by the alumni of Israel's defense organizations are involved in the development of diagnosis and security systems against cyber threats and methods for handling Big Data, while some are involved in the gray area of developing systems for attacking computers/databases and decryption.
The special status of cyber technology within the Israeli high-tech industry, its relative advantage worldwide, the highly-publicized 'exits' and, naturally, the special bureau of the Prime Minister – have loosened the supervision over the proliferation of cyber. Through a long and cumulative process, the superior capabilities of Israeli cyber and know-how were damaged and exposed. Even today, we can already identify the severe damage inflicted on the capabilities of Israeli intelligence. Consequently, the criteria regarding the release of Israeli know-how to overseas clients must be tightened urgently. Moreover, the State of Israel is gradually emerging as an outlaw state, which openly and secretly disseminates software products that assist – either directly or indirectly – criminal organizations and other elements. Under certain circumstances, this might even lead to damage to the strategic relations of the State of Israel.
Cybercrime in Israel and around the world also calls for special deployment and preparations. Today there is hardly any deterrence in this field, and crimes are handled on a case-by-case basis. The deployment and preparations must be systemic and should include the Israel Police – with reinforced cyber organs, along with specialist departments at the Ministry of Justice and the Israel Security Agency. One of the very first products of the system should be a cyber statute that specifies, at least partially, what is forbidden and what is legitimate.
As we are only at the outset of the cyber era, we should prepare for it quickly while always maintaining a flexible way of thinking.
Brig. Gen. (res.) Hannan Gefen served as the commander of the elite 8200 Unit of the IDF Intelligence Corps