"On October 7, Hamas launched massive cyber attacks against Israel and hacked the early warning app "Red Alert", and gained access to Israelis' mobile devices.
There is a direct link between terror and cyber. People should be wary of media coverage and check public information carefully".
This was stated in an interview for BGNES by Oren Elimelech, Cybersecurity & Privacy Researcher, Expert and Adviser for security & governmental offices, financial institutions, corporations and various enterprises. Serving as head of the Cyber and Information Security Manager at the Ministry of Transport and Road Safety in Israel, and leading the sectarian Cyber regulative strategy, policy and governance.
He emphasized that there is a direct connection between terror and cyber, which is growing more and more.
“Cyber is being used as a weapon. We saw it in the war between Russia and Ukraine, but also in the war between Hamas and Israel. We used to have people on the battlefield, ships, airstrikes and planes. There is now a fourth dimension - cybernetic. Cyber works hand in hand with physical attack. This can cause damage to businesses, critical infrastructure and media. We are also witnessing attacks on the media and creation of fake news. It is cognitive and psychological warfare that affects and creates new challenges for the individual," Elimelech said. He noted that the main threats to businesses are mostly denial of service attack, DDoS attack (interruption of network services) and ransomware (malware that can block access to the system or encrypt user files)".
He said that usually with ransomware there is double extortion, which means they block your access to the system, delete your backup and demand money. Hackers can use your sensitive data or those of your customers - videos, photos, etc. Cyber attacks threaten your reputation and image.
Elimelech advises ordinary citizens to be careful in the information space and to know that any news they see for example on WhatsApp or Telegram can be fake.
"Take a minute, check the email, look at the SMS you received, but don't open it if you weren't expecting it," advised Elimaleh, pointing to the bot that Israel National Cyber Directorate is a good example of successfully fighting fake news. created.
"If you receive an SMS or news, you can put it in this bot and it checks the truth of the information automatically for you with the help of artificial intelligence," the expert added.
When asked if there was a breach in Israel's security system in the October 7 Hamas attack on Israel, Elimelech replied:
“On October 7, 10 minutes after the first missile was launched, there were many cyber attacks against critical infrastructure, financial organizations, banks, insurers and the media, as well as against the government”. There have been many such cases in the media, especially against an app called Red Alert. Every citizen of Israel has a cell phone with this warning system and a personal bunker or bomb shelter in their home. There are places to escape in your house, but you have to know when to do so. The street alarm can go off, but there's also an alarm on your mobile app. Hamas hacked this mobile app and created a fake alarm or simply turned it off. What's more, a fake malicious app with the same name was created, which the Israelis downloaded, and Hamas was able to steal their call logs, text messages, listen in and control their mobile devices", Elimelech explained.
According to him, Hamas' attack on critical infrastructure and the government was not particularly successful, but it was very pronounced against financial institutions and the media.
"October 7 was a surprise for everyone. Conspiracy theory aside, I'm sure this matter will be investigated after the war. But in cyber, the INCD (Israel Cyber Directorate) was very prepared before October 7th. She has been doing great work for many years. The government and critical infrastructure have no problem," Elimelech emphasized.
He shared Israel's experience in countering malicious acts. In support of the directorate in question, the working group "Arava" was created, which protects over 100 companies. Hundreds of professionals work pro bono with the government to support, volunteer and secure businesses. The expert noted that the group is very good at defending, but its work also includes attacks against Hamas.
The head of "Cybersecurity and Information Security" recommends the NIST methodology for countering cyberattacks. He noted the "very strong" cooperation between Bulgaria and Israel at the intergovernmental level.
“A cyber breach can happen to any organization, to any government institution, at any time. They should be prepared in advance, be proactive. The National Institute of Technology created the so-called Cyber Security Framework. Israel accepted her in 2017. She helps the US and Japan, Israel. Bulgaria also uses this framework. Cooperation at the governmental level between Israel and Bulgaria is very strong. The methodology is very dynamic and can be used by government offices and private companies," said Oren Elimelech. He added that the hacker thinks in two terms - time and money: "If he has to hack you, it can take him anywhere from 2 hours to 2 months. If he thinks it's too expensive, he'll go somewhere else."
The experienced government adviser emphasized the need for investment in schools, institutions and the army. According to him, the most important investment in cyber security is in education.
"First of all, invest in educating people, starting with children, from school everywhere, to organizations, to government and to the military. Invest in cyber security. Most organizations and their management do not put the right people and the right tools first. They they like to invest in sales, in marketing, in other things. We need to invest in cyber security like we invest in marketing," he emphasized and continued:
If you have a business, it doesn't matter what kind, you want to make sure it continues to operate. If it goes out of business because of a cybersecurity issue, you have no business, you have no income. That should be a top priority for senior management or the board of directors - to invest in the right people and the right tools. If you're not prepared for a cyberattack, you can end up in chaos, and chaos is a big problem, he added.
Regarding the prospects for resolving the conflict between Israelis and Palestinians, Elimelech said the situation is a huge challenge.
"Israelis want peace. Most people are looking to live in peace. We have made peace with Egypt, Jordan and the UAE, and we certainly look forward to peace. But it takes two to tango. The other side must also want peace. The problem is Hamas because the Palestinians they are not Hamas. The organization is using them. Without Hamas we will be able to live together," he said, but expressed hope that the normalization process between Israel and Arab states will take place in the future after it was suspended on October 7.
"I am sure this process will continue because we have seen the support we are getting from Saudi Arabia during this situation. We are still getting support from everyone. It is better to live in peace not only for business but also for personal health and well-being," Oren Elimelech concluded. /BGNES