Exactly 30 years ago the first personal computer virus, “Brain”, was spread. Ever since, viruses and cyber threats in general have become many people’s greatest concern. In a force based almost completely on networks – how do you protect technological and operational assets from cyber threats?
Noa Fenigstein | Translation: Ohad Zeltzer Zubida
On January 14, 1986, the first active virus for personal computers was released. The virus, which was written by two brothers from Pakistan, was called “Brain”. A few years later, on December 31, 1999, many held their breath a moment before the millennium began – that same evening the “Y2K Bug” stood as a threat to the functioning of the information systems on which organizations, institutions and individuals around the world depended. Even then, computers were an inseparable part of human lives.
Exactly 30 years after the first virus, man is dependent on technology on an infinitely larger scale. Mobile phones have become a basic necessity and viruses a threat which worries many. As technology becomes more accessible, the misuse of technology becomes more dangerous – cyber terror has fully developed in the past years and become a powerful threat.
You probably won’t be surprised to learn that the IAF is ready for it.
Counting on the Network
The IAF is based on networks, from means of communication, through operational information systems, to weapons. Therefore, in step with the cyber threat, cyber defense in the IDF and the IAF is advancing in order to make sure that the cyber threat remains just a threat.
“Our dependence on computer systems brings significant operational output, but also great sensitivity to cyber threats”, explains Col. S, head of the IAF’s ICT Department. “Therefore, today, defending our systems takes precedence over building new abilities. We invest many resources in order to provide defense for every system and to stay a step ahead of the enemy”.
The cyber world is asymmetrical: the defender needs to be everywhere, every hour of the day and on all of his networks, while the attacker needs to find just one opening.
“We assume that the enemy is always trying to penetrate, attack or linger in our network”, emphasizes Col. S.
“In the world of cyber there is no hermetic defense”, shares Lt. Col. Asaf, who leads the cyber defense field in the IAF. “But we can make the attacker’s life hard and complex”. In order to make it difficult for the enemy, pro-active monitoring and network investigation are prominent in the IAF today: in other words, taking initiative and not only responding.
“Pro-active monitoring means we don’t sit and wait to see event alerts in the control systems. We understand that a serious attacker with an interest will do whatever he can in order to slip under our radars and disguise himself”, explains Lt. Col. Asaf. In fact, pro-active monitoring is similar to patrolling inside the network. “Cyber defense teams look for footprints and irregular behavior and investigate them in order to discover if someone is ‘lurking’ in the network, whether dormant or active”.
“The IAF is responsible for defending its networks”
The fundamental difference between the civil world and the military world is that institutions like a bank or a government office can stop functioning for a period of time until they return to routine. The military doesn’t have that privilege. The possibility that the IAF will be paralyzed, even for a few minutes, is inconceivable for those involved with defending it in the cyber realm.
“In the military world, the effects of a cyber-attack may be devastating and cyber is defined as an area of battle in all senses and many resources are assigned to it”, explains Ziv, a cyber-consultant in the IAF’s Material Directorate.
Six years ago, the need for better and more comprehensive defense of information systems and networks was identified in the IAF. Following gaps in defense, a department was established which later became a full division. Today, cyber defense is an inseparable part of any development, project or operational activity in the IAF.
“It is important to understand that the IAF is completely responsible for the defense of its networks”, emphasizes Col. Shay. “The IAF is the only arm in the IDF which has ready alert situations for cyber defense and during operational activity, there is a cyber-defense attaché. Maybe most significant are the comprehensive force building processes which we implement at all times in order to progress accordingly with the world’s rapid technological development”.
Just as combat jets train for extreme scenarios in order to prepare for the moment of truth, cyber defenders sharpen their abilities. “The progression in the cyber world is daily and the pace of change is very high”, shares Lt. Col. Asaf. “Every day new threats are revealed, more complex and challenging. Nonetheless, we accustom ourselves to be able to deal with different levels and kinds of attacks and prepare for changing threats all the time”.
The “Magician’s Apprentice” Team in “Ofek” (“Horizon”) Unit is responsible for the creation of advanced training exercises for cyber defenders in the IAF. By means of constant monitoring of threats, the team knows how to identify, investigate and exploit complex vulnerabilities – and in fact tries to penetrate the IAF’s systems. This is how the unit examines the improvements which need to be made in cyber defense. Practically all of the reserve servicemen in the field stay in the cyber and information security field in their civilian lives and create complex and comprehensive training exercises for the IAF’s cyber defenders.
“The key is people”, emphasizes Lt. Col. Asaf. “The people serving in the cyber defense world in the IAF are admirably professional. The expertise and enthusiasm for the topic are mandatory conditions because the cyber world is wide and full of challenges. Anyone who isn’t afraid to step up, examine and ask himself ‘How should I deal with these challenges?’ is someone we want with us”.
Knowing the Enemy
Today it is clearer than ever that the awareness of the threat is the most important part when coping with it. “The information revolution in the 1990s pales in comparison with the information revolution of the past few years. The rise in the extent of information and the amount of systems is tremendous”, says Col. Shay. “In accordance with this, we must strengthen our cyber defense and match it to this trend”.
The awareness has trickled down to the IAF’s commanders and servicemen, and today there is no dispute about the damage potential and, consequently, the importance of being ready for it. “The world is evolving at such a fast pace that today we have to fly forwards in order to keep up”, Lt. Col. Asaf claims. “There aren’t always answers outside, so we create answers from within. This characterizes the IAF as a thinking organization, one that initiates and finds solutions itself”.