Friday, December 18, 2009

Spymaster sees Israel as world cyberwar leader

Reuters reports from the Institute for National Security Studies (INSS), a Tel Aviv University think tank, where Major General Amos Yadlin, IDF chief of military intelligence, spoke:

In a policy address, Major-General Amos Yadlin, chief of military intelligence, listed vulnerability to hacking among national threats that also included the Iranian nuclear project, Syria and Islamist guerrillas along the Jewish state's borders.

Yadlin said Israeli armed forces had the means to provide network security and launch cyber attacks of their own.

He further said, as mentioned in this Israeli publication, that other countries, such as the United States and Great Britain, are establishing units for cyber defense, and that Israel has soldiers and officers on the job.

In fact, just today I heard a lecture by the director of the CIA who, as is general United States policy, places cyber security on the map when discussing issues such as proliferation of nuclear weapons and international terrorism.

HaAretz, an Israeli newspaper, quotes Major-General Yaldin as saying:

"Fighting in the cyber dimension is as significant as the introduction of fighting in the aerial dimension in the early 20th century." (my translation)

If this statement is to be believed, Israel is active in cyberspace. And yet, why would Israel admit that, regardless of if it really happens?

One option is that Israel decided it needs to show that its military is on par with other militaries around the world.

"Preserving the lead in this field is especially important given the dizzying pace of change," Yadlin said.

On the surface, disclosing cyber space activity, which your enemies can develop as well, or push to develop more of, seems silly.

After all, Major-General Yadlin said:

"Cyberspace grants small countries and individuals a power that was heretofore the preserve of great states,"

As Israel, much like the Western world, is very advanced technologically, it is more reliant on computers than many of its enemies and neighbors, and is therefore more at risk from potential cyber attacks. With attacks against Israel's internet presence these last few years, it may not be a silly idea after all.

With the world becoming more aware of threats to computer systems, investment in cyber security rising and more and more security incidents being disclosed; countries around the globe invest in cyber capabilities. Indeed, Israel too, which has been under internet attacks for years, needs to buckle up and do more to combat the threats.

Major-General Yadlin also mentioned cyber attacks fit well with Israel's doctrine for military offensives (mistranslated below as defense). This bit is tricky, and I will try and read between the lines.

"I would like to point out in this esteemed forum that the cyberwarfare field fits well with the state of Israel's defense doctrine,"

While Major-General Yadlin in all probability meant something along the lines of being bold and staying ahead of the curve, as in the same sentence he also spoke of Israeli youth and innovation, mentioning how Israel is often referred to as the "start-up country":

"This is an enterprise that is entirely blue and white (Israeli) and does not rely on foreign assistance or technology. It is a field that is very well known to young Israelis, in a country that was recently crowned a 'start-up nation'."

It is possible, although unlikely, that he meant to indeed discuss Israel's defense doctrine, thus possibly speaking about deterrence in cyberspace.

Deterrence is an integral part of Israel's defense doctrine, with the goal, in broad lines, of widening the window between inevitable Arab attacks by a strong response, some would say a disproportionate one, which will score a quick and decisive victory. Hopefully deterring them from attacking again. This strategy has roots in Israel's history all the way back to Ben Gurion's time and the formation of Israel.

Deterrence on the Internet, however, is mostly nonsense. This due to inability to identify who it is actually attacking you, and then if somehow successful, if it is really them or if their computer has been taken over by yet another attacker. Is someone trying to frame another as your attacker? Is your attacker even a nation-state to begin with, rather than an organization that doesn't care about retaliation?

On the internet, you may know who your enemies are rivals are, but you may never find out who is attacking you. The Internet is perfect for plausible deniability.

If this was the thinking behind the announcement, which I'd like to think is not the case, then the strategy was copied from the United States where this silliness has been going on now for a few years. The US strategic experts have been using Mutual Deterrence (or MAD, Mutually Assured Destruction) for over 70 years now, and feel comfortable with it. Therefore, when they needed to tackle the cyber realm, they immediately started pushing for a deterrence strategy even though cyber experts have been warning about it continually.

Deterrence for the most part, doesn't work online. It is my hope Israel does not repeat the American mistake on this matter and that I am right, and Major-General Yaldin was only speaking of Israel's spirit, where commanding officers lead the charge rather than wait behind.

From a completely different perspective, cyber warfare has been recognized as a strategic weapon on par with weapons of mass destruction for at least two decades. Israel does not admit strategic capabilities such as Nuclear Weapons, if it has them. Should it admit cyber capabilities?

"The potential exists here for applying force ... capable of compromising the military controls and the economic functions of countries, without the limitations of range and location."

While cyberspace is certainly strategic, the analogy to nuclear weapons is relatively weak.

There are obvious differences between the nuclear world and the cyber world, such as with tactical cyber uses of a very targeted nature -- without collateral damage, and in international law governing the proliferation of nuclear arms, while the cyber realm is in its infancy. In fact, the United States, Russia and the United Nations arms control committee are as I write these lines engaged in early discussions on securing cyberspace, and limiting military use of this realm.

When I first heard of the speech by Major-General Yaldin, I was highly disappointed with Israel for taking this route of public disclosure. Now, I am not so sure.

Disclosing that Israel is ready to defend itself and potentially engage its enemies in cyberspace right along-side the physical world, certainly has merit considering recent world events such as the attacks against Estonia and Georgia. I am just left wondering if this indeed discloses a real capability, or is just public relations.

I can personally attest from my years of defending Israel's internet, that Israel is under constant attack in cyberspace, and this intensifies whenever political tensions mount.

"At times it would seem," said Major-General Yaldin, "that our enemies would like to give a special award to Western companies whose products can be bought off-the-shelf at a reasonable price." (my translation)

Regardless, putting cyber security on the agenda along-side with Iranian nuclear weapons, Syria and Islamist guerrillas, is a step in the right direction to defending against the threats of cyberspace.

Gadi Evron,
ge@linuxbox.org.


Follow me on twitter! http://twitter.com/gadievron

3 comments:

Alex said...

There's no actionable information in the Israeli government's statement (or claim) here. This is just propaganda. On the day that a probably-autonomous Iranian group hacked Twitter, the Israelis are just say "We're bad too."

This looks like propaganda, or, worse, cyber-bureaucrats just trying to get public support for the business case for their agencies at budget time.

WeWatch said...

I'm not sure how I feel on what's right and what's wrong in relation to this information.

I do feel that at times, if you don't say you have something, your opponent thinks you don't. Therefore they can try to use that against you.

However, at times, letting your opponent think you don't have something can be a strategy too.

I don't know the culture over there like you do Gadi, but I would think that there is a need to "keep up with the Jones's". If everyone else is saying they have cyber warfare divisions, why not announce it yourself?

I did enjoy your perspective on this. It gave me more insight into the situation.

ilona@israel said...

Israel is active in cyberspace- actually its not like this if we talk about interet and idiological war. lets say for 100 muslim propaganda articles against Israel you would probably find very few Israel articles that look seriously and obvious. for example china has over few thousands people who comment on articles against this country and according to their expierence its a good practice that protects them from negative opinions.