Anyone, anywhere is now potential target for nation-state cyberattacks: ex-IDF general

The only way of coping with the new level of threats is to think like the attacker and prioritize wisely so critical assets can be shielded, HolistiCyber CEO Ran Shahor says at the CybertechLive USA conference

Screenshot from presentation at CybertechLive USA

To those who feel comfortable about their company's cyber defenses, Ran Shahor issues a sobering warning:  no organization can be fully protected from today's increasingly aggressive and sophisticated cyber attackers. 

But the retired IDF brigadier general with decades of experience in the trenches of cyber warfare emphasizes that it is possible to cope with the threat by adopting the attacker's way of thinking. 

"Today anyone, anywhere, anytime is a potential target for nation state or nation state grade attacks," said Shahor, CEO and Co-founder of HolistiCyber, during a presentation on Tuesday at the CybertechLive USA online conference. 

He noted that the US Defense Department, NSA, CIA, and the United Kingdom's MI5 had all reached the same "frightening" conclusion. 

According to Shahor, who served for 27 years in the IDF and founded the cybersecurity program of the intelligence branch, there are three reasons why attackers are becoming more sophisticated and aggressive. First, cyber crime is extremely profitable and involves almost no personal risk. Second, nation-state cyberattack tools were leaked to the dark net where, he said, they can be bought very easily and conveniently as a service for as little as $200. And third, most large attacks are now being carried out by hackers who are heavily backed, supported and even instructed by nation states – Russia, China, North Korea and recently Iran, the retired general said. 

"The only way that you can cope with this new level or new way of aggressiveness and sophistication of the attacker side is you need to be able to think like the attacker, and the only efficient way to think like an attacker is if you have an attacker background yourself," Shahor stated. But the CEO of HolistiCyber pointed out that in the Western world, getting someone with a good attacker background is either impossible or very expensive.

The only exception in the Western world is Israel because of the country's mandatory military service system, which he said allows the IDF to pick the brightest of the 130,000 inducted each year. These youth undergo extremely intensive cyber security and technology courses and later take part in state of the art, highly complex operations, both defensive and offensive ones. More than 95 percent of these men and women leave for the private sector by the age of 30, so the system creates an annual flow of thousands of world-class cyber experts, "much better educated and more sophisticated, more creative than the worst hackers in the world, yet they are very good people," Shahor said.  

As for the effect of COVID-19, the cyber expert said that considering the huge increase in personnel working from home using networks that are much less resilient than corporate ones, it is no wonder that there has been a sharp rise in cyberattacks. "We need to take into account that many new players are going to join this party," he predicted.  

However, despite the growing threats in cyberspace, Shahor stressed that there are a number of measures that can be taken by corporate leaders to make sure that they prevail. He said they should adopt an "offensive framework methodology" and think like the attacker in order to prioritize wisely and be much more practical; take a holistic approach that allows them to protect their critical assets, and most importantly their personnel; have very good access to relevant dark net intelligence; and adopt advanced defense technology to be more efficient. 

"If you don't prioritize, if you're not willing or afraid to take a calculated risk, you're actually creating a much bigger risk, because trying to defend everything is as if you are defending nothing," the CEO said. 

You might be interested also

The supercomputer in Wuxi is presented for the first time in 2017. Photo: Reuters

The tech front: America against China's supercomputers 

The U.S. Department of Commerce announced the addition of seven supercomputer entities to its economic blacklist.  Secretary Raimondo: supercomputing capabilities are vital for developing weapons and national security systems, and that the department will prevent China from leveraging U.S. technologies for those efforts