TEL AVIV (Reuters) - Israel is on guard against hacking ahead of the next general election, one of its most senior cyber security officials said, identifying Iran as posing the greatest overall risk to the country’s cyber security.
The government is bracing against the risks of fake news, possible denial of service attacks on civic institutions, or efforts to hack the correspondence of politicians or government officials in order to leak embarrassing details.
“We are on the way to identifying and assisting from a distance everywhere we find or identify as a vulnerability ... and make it tougher for the bad guys to hack,” Yigal Unna, head of technology at the prime minister’s cyber directorate, told a Reuters Cyber Security Summit.
Since the 2016 U.S. election, Western countries have been fretting about the possibility of Russian hacking to influence their internal politics.
Israel is less concerned about hacking attempts on polling stations as the country, with less than 6 million voters, still uses paper ballots.
“My agency took care that we stay with paper,” he said, noting that a proposal to digitize the voting process had been knocked down.
Rather, Israel is worried there will be attempts to disseminate fake news or smear campaigns.
“You can hack into bank accounts and put in large amounts of money and at the right time expose it,” Unna said at the Summit, held at the Reuters office in Tel Aviv. “You don’t need much more than that to smear candidates, change opinions or shift elections.”
While Israel’s general election is not slated until 2019, there is speculation that long-running criminal investigations against Prime Minister Benjamin Netanyahu could force his resignation, or that his coalition could come apart over a variety of contentious policy initiatives, meaning a ballot could come earlier.
“PLAYGROUND TO PRACTICE”
Israel has been seeing more, and increasingly sophisticated, attempts at cyber attacks by Iran.
“We see a growing threat coming from Iranian cyber. They are a threat not just to Israel but to Saudi Arabia, Egypt and others,” said Unna, who until recently headed cyber defense at the Israel Security Agency, better known as Shin Bet.
“We see more and more seemingly North Korean traces in the Middle East,” though no attempts that can definitely be attributed to the Koreans, Unna said.
“If there is an independent group that launches attacks against national assets then I automatically suspect it’s not really an independent or private group,” Unna said. “It’s no secret we see Iranian efforts through all measures you can imagine to attack, to engage, to cause trouble in Israel.”
Israel faces increased cyber threats from Hezbollah, though Unna argued the Lebanese Shi‘ite militia group would not do anything on a large scale without clearance from Iran.
“It’s a growing problem mainly because they have a playground to practice -- not necessarily in Israel but Syria and other conflict areas,” he said.
Unna said Israel has seen “zero damage” from cyber attacks since 2002, when he took up his position at the Shin Bet, noting that Israel deploys “active defense” and does not wait for hackers to strike.
“I know how thieves work and what are their nightmares,” he said, noting Israel uses hacking to counter potential attacks.
“That’s cyber warfare 101. Active defense is not to wait for the problem to hit you ... We are trying to make the hackers’ nightmares come true.”
For more Reuters cyber news, go to www.reuters.com/cyberrisk
Follow Reuters Summits on Twitter @Reuters_Summits
Additional reporting by Ari Rabinovitch, Ori Lewis, Dan Pleck in Tel Aviv, Eric Auchard in London and Jim Finkle in Toronto