2021 can be defined as a year in which the world began to understand and discuss the cyber field at all levels. In the past year, a number of particularly significant events have taken place in Israel and around the world, which have affected, and may still affect, the daily lives of millions of people.
“The major cyber incidents that have taken place in the past year in Israel and around the world are cases of information theft and disruption of production chains, with cyber criminals trying to make as much money as possible through them – for as little effort as possible,” she explained. Maya Horowitz, The VP of research at Check Point, “The various attackers, whether terrorist or state, have actually learned that the most lucrative attacks for them, when they can make millions of dollars through them, are ransomware attacks – whether it’s information encryption And various servers or the theft of information and the threat of leaking it. ”
According to her, the difference between the various attacks is the way they are carried out, so that as many people as possible can be reached through them, which will allow hackers to earn huge sums. Horowitz noted that “this is a particular race, in which all of these factors are trying to find a way that will allow them to carry out attacks as broadly as possible, usually through the installation of various attack software.” She stressed that “some of the cyber attacks that have been in Israel in the past year are not the classic crimes, when the attackers who committed them are looking for more things.”
Lotem Finkelstein The director of intelligence and cyber research at Check Point added that “the fact that more cyber attacks have been launched over the past year is not accidental, and the reason for this is fed by two factors. First, there is the meaning of public maturity “They are no longer perceived as too complex, but on the other hand, the attackers themselves choose larger and more significant targets.” One example that Finkelstein mentioned is the cyber attack on the oil pipeline of the American company “Colonial Pipeline”, during which the facility was silent, which led to the stoppage of the company’s operations for several days. The attack led to a shortage of fuel on the East Coast, as about 45 percent of its fuel comes through the pipeline.
“The hackers are currently attacking large quality targets, with the aim of maximizing their profits, and creating significant echoes of this in the media. These are quality targets, which can not be ignored, and they have a significant impact on the daily lives of citizens,” he added. Ignore a situation where all the gas stations in the country have been shut down, and around the world can not ignore situations where an airline is under attack, or cases like the fall of Amazon cloud or WhatsApp and Facebook servers. “A situation where a site such as Atref or Hillel Yaffe Hospital falls victim to a cyber attack affects the daily lives of all of us, when personal information may leak or we reach the hospital and we can not receive medical treatment.”
Finkelstein added that “hackers use force on significant targets to convey a certain message, and the very significant disruption to our way of life ensures that it is fully and clearly absorbed. After all, the purpose of the cyber attack that hit Iran’s gas stations was not to balance world oil prices.” Horowitz added that “the attack that hit the gas pipeline in the United States is a completely different story, as it is an injury that can not be lived with – disabling the vehicle’s refueling capability leads to significant distress, and a situation where victims find the necessary ransom. It is a pure cybercrime.”
And what about attacks on targets such as hospitals?
Horowitz: “Over the past year, medical entities and hospitals around the world have been the target of many cybercriminals. Flooding or stealing information from a hospital is just like attaching a gun to someone’s temple.”
Finkelstein: “In fact, for years the hospitals have been the target of cyber attacks, partly because they have very little tolerance for shutdown, and they respond to the hackers’ demands quickly. In the case of Hillel Yaffe Hospital – the incident quickly became a national event, managed by the Ministry of Health. “Hackers cannot be blamed if someone dies in a attacked hospital.”
The Silent War
Over the past year, Iran has experienced a number of cyber attacks, which have hit the country’s train and gas stations, among others. The regime in Tehran was quick to accuse Israel of carrying them out. “Without going into the identity of those who carried out these attacks on Iran – whether it is various opposition groups in the country, or whether it is Israeli activity, it serves the conflict with Iran,” Finkelstein explained. “There will be more attacks – sometimes it will be cybercrime, and sometimes it will be attacks from an ideological background. The snowball will continue to grow.”
Horowitz added: “Ultimately, the cyber dimension allows Israel and Iran, as well as the United States and China, and in fact other countries to gather intelligence, and be at war with each other – without a single bullet being fired. “But it is clearly a war, and if a third world war breaks out, then it will take place in this dimension. In fact, we may be in the midst of a war at the moment – we just do not always see the results in real time, and it is difficult to attribute them.”
A different area of expertise
Horowitz noted that during the year this year there has been a change in the number of cyber incidents. “The number of companies and organizations that have experienced attempts at infidelity has tripled,” she stressed. We are dealing with smaller bodies. ” Finkelstein added that “hackers now invest more resources in attacks – it is no longer a machine that performs the attack, but a person who sits in front of the computer, and does everything to reach significant assets of the company he is trying to attack – whether it is the database of users” Atref “or In the policies of the insured in Shirbit “.
Who are the hackers who carry out these attacks?
Horowitz: “It is difficult to give a general definition, simply because the attacks today are very complex, and behind each of them are several hackers – who each have a different expertise, and they carry it out together. In any case, the attacks are no longer carried out in dark basements. “Arranged, when they are surrounded by piles of money, but it is still not an office in a high-rise building like that of high-tech companies today.”
Finkelstein: “Hacking into an enterprise network is a complex thing, and then you have to develop software that will encrypt the files quickly. We are not just talking about hacker groups today, because there are several people working together.”
Do you think anyone in the country or in the world has really learned a lesson from these attacks?
Finkelstein: “It is not necessarily a matter of learning a certain lesson, one just has to understand that it is a mistake to think that there will be no cyber attacks, and that there is no need to prepare for such incidents. The bodies that hold sensitive information should do everything to ensure it is protected.”
Horowitz: “I think there has been a certain improvement in the level of the individual citizen, nowadays people are less likely to click on links that come in text messages and emails, and understand that it could be an attempted attack. On the other hand, people still upload sensitive information .
“In 2022 we will not necessarily see a decrease in the number of attacks taking place around the world, simply because it works for hackers and they make a lot of money from them,” she explained. ”
Finkelstein added: “This is not a clean business, but without a doubt it is a state of success that leads to success – they succeed in one attack, then improve towards the next, and reach new goals, which bring them to the headlines.” He referred to attacks in Israel in the past year, explaining: “Many attacks have made headlines here, which attracts more players to try and harm Israel, it is true that this is often an ideological background, but hackers realized that it is relatively simple to enter a particular organization “Maximize the event financially. Next year there will be more cyber attacks, and some of them will not necessarily make headlines – but they will stabilize the home front.”