TEL AVIV — Israeli Defense Forces are turning their attention to a new front: the war raging in cyberspace. And in an attempt to coordinate what up to now have been disjointed, sometimes overlapping operations, the Israeli military's chief of staff recently announced the creation of a special cyber unit.
The unit will be similar to cyber commands established in recent years in other military structures around the world. But in Israel, this is also seen as a potential boost to the economy, as the professional training the unit's soldiers receive will allow them to later move to Israel's high-tech sector. The result could be a boom in Israeli start-ups.
In the global cyber war, the presidents of Russia and North Korea are the enemies. Last summer a senior source in South Korea's cyber apparatus gave Calcalist a rare glimpse into this intricate world of interests. The two Koreas have been engaged in a cyber hostilities for several years now. Hackers affiliated with North Korea attack South Korean companies and civil infrastructure such as airports and governmental ministries. A large offensive two years ago saw banks, ATMs and TV stations in South Korea being attacked.
"Defending against such attacks goes through the usual diplomatic channels," the South Korean source said. "But many times we face situations where we need to rely on a foreign power such as China or Russia. We don't always get the assistance we would like. Often we need to rely on their goodwill and trust them completely."
Fighting the cyber units of North Korean President Kim Jong-un requires sophisticated diplomacy because, as the source explains, the hackers are actually based in China and trained by the Chinese and North Korean hacking units.
For Russian President Vladimir Putin, the past year has been particularly turbulent with plummeting oil prices, an economic meltdown and sanctions imposed on Russia after it annexed Crimea. Nevertheless, support for Putin is growing, and Russia is very active in the cyber arena. Russian attacks target the United States, including federal facilities and major corporations, primarily in the finance sector.
Hacking for ransom
Today's hacker is no longer the teenager computer wiz who found a way to infiltrate a company's computers. The vast virtual space, alongside the plethora of business opportunities it offers and of course the generous compensation, is attracting a new generation of hackers: computer science professionals with broad knowledge in programming and little concern for ethics. In the past, hackers may have been lone wolves who collaborated online. Today they are true professionals who are hired by organizations and governments.
One increasingly popular activity among this corps of digital soldiers is hacking for ransom. That is, penetrating organizations and threatening to reveal information unless a ransom is paid. Professional hackers work not only for corporations but also offer their services to anyone willing to pay, including armies and governments.
Check Point, Impreva, Palo Alto, Trusteer, WatchDox. This is just a partial list of the companies with which Israeli entrepreneur Shlomo Kramer has been involved. He got his industry start at Check Point with Gil Shwed and Marius Nacht, and is now considered a leading figure in both the Israeli and Silicon Valley cyber industries.
Kramer left Check Point after disputes with Shwed over the way the company was being run. In 2002, he started Impreva, a company that addresses abuse of databases by internal users and is now traded at $2 billion. Kramer is both the chairman of Impreva and the CEO of Cato Networks, and he is also an active investor in many companies. In fact, he is a one-man hedge fund. In most cases, the companies he invests in become popular among other funds and investors.
Twenty-two years after Check Point was established, founder and CEO (until early September) Shwed can look back with pride, but also with some paranoia.
The company that invented data security and started by selling the first firewall is now facing exceptional competition. Rival Palo Alto Networks, founded in the United States by Check Point alumnus Nir Zuk, has been giving Shwed a hard time in recent years. In business terms, Check Point has an edge on Palo Alto, but this year the latter has also shown impressive growth in terms and value, overtaking Check Point's. And Morgan Stanley's forecast for Check Point are pessimistic.
The change in the business environment has also made Shwed more alert. The opinionated executive who overcame his wariness of acquisition and mergers with Israeli firms has bought Hyperwise and Lacoon. The former, a technology that protects against malware, was meant to be Shwed's response to the acquisition of Israeli firm Cyvera by Palo Alto. But his shopping spree isn't over and Check Point is considering more purchases.
The company still lacks solutions for virtual security, physical infrastructure security and proper responses to very dangerous coordinated cyber attacks.
Check Point developed a technology based on firewall and protection of organizational networks. In its second generation, Israeli cyber companies like Palo Alto Networks and CyberArk develop technologies that complement the firewall. But in recent years the cyberspace is facing more threats and new cyber heroes are born — that's the third generation — who work on developing technologies that go beyond curbing attacks.
The third generation is represented by a few dozen companies that have each raised millions of dollars in investments already. They generate incomes of tens of millions of dollars and serve the world's most sensitive defense organizations.
Among these companies are Adallom, which was sold last month to Microsoft at a valuation of $250 million and deals with data security of organizations' cloud-based applications; Cybereason, which raised $30 million, is also valued at around $100 million and deals with curbing doom's day-style coordinated cyber attacks; and Ensilo, which raised $13 million and develops a technology for exfiltration prevention.