Beyond the Firewall: Israel vs. the Hackers

For those of you losing sleep at night worrying about foreign agents infiltrating your country's territory, I've got bad news for you. They're already here.

That's right. Deep within our domain. Perhaps even inside our most sensitive installations: nuclear power plants, electric grids, air traffic control, and our food supply.

A well-executed attack on any one of these systems, or dozens of others (even the sewage system!) could lead to chaos. Our new cyber-defenses have to be able to deal with the enemy once they are already on the inside -- simply because they already are. This is particularly important in my home country of Israel.

There is no country better positioned than Israel to continue pioneering the field of cyber-security. It has to do with our long history of defending ourselves against cyber-attacks, but also, apparently, of our use of cyber technology in battles against our enemies, as occurred during the second Lebanon War when Israeli cyber experts had Hezbollah in their crosshairs.

As Israel Martinez of the U.S. National Cyber Security Council says, "Cyber-defense effectiveness is based just as much on Cyber-offense. Both are tools in warfare, and there are few as practiced in all forms of warfare as the Israelis."

Good armies know how to both attack and defend. The same is true in cyberspace. That's why Martinez and many other experts rank Israel as one of the top three most important centers of cyber-defense technology in the world.

There are numerous examples of Israeli companies leading the charge. My venture capital firm has invested in several of them.

One is called Cyber-Ark. Cyber-Ark systems sound an alert when they detect suspicious activity already inside a sensitive system. The Firewall philosophy, where we build walls long and tall around our sensitive networks, is no longer the only answer. They've breached the Great Wall of China! The horse is already inside Troy (and your server)!

And there are dozens more Israeli companies on the frontlines of this battle, many using spinoff technologies from the Israeli military to make the world a safer place. Many of the companies, including Cyber-Ark, were started by veterans of elite IDF IT units.

Israel's contribution to worldwide cyber-safety has recently been given a boost with the establishment of the Israeli National Cyber Directorate. Wisely, the national directorate will join the best of Israeli academia, business and the military to establish the country as a leading exporter of cyber-security technologies.

Continued focus on Israeli cyber-security is well-deserved. Consider what happened just these past weeks: Saudi hackers looted credit card and other personal information from thousands of Israelis as a "New Year's Present" to the world. Pro-Palestinian hackers have also shut down the websites of our national airline and stock exchange.

But those were child's play compared to other, more sophisticated cyber-attacks worldwide:

• In Brazil, hackers have shut down electrical grids, darkening entire cities • In 2007, hackers shut down nearly all Estonian government ministry networks and two major Estonian banks. • Industrial espionage by Chinese hackers (who many believe are state-sponsored) has gotten so bad that according to the Wall Street Journal, even a thermostat in a US Chamber of Commerce building was discovered to have been communicating with an Internet address in China. • According to reports, the now infamous Stuxnet virus penetrated Iran's uranium enrichment systems, disabling centrifuges and delaying national efforts to achieve nuclear weapons.

As tremendous opportunities for openness and communication continue to develop in our world in almost every sphere (think both Tahrir Square and JDate), let us not forget the need to protect and safeguard the very things we need to be open about.

But let us not continue defending ourselves against the last war. The next war is already being fought, with keyboards and cursors rather than cannons and cruise missiles.

The US, Israel and other countries must set new standards for protecting ourselves against these kinds threats, and they must do it now.

Many of the tools to mitigate existing cyber-threats already exist -- they're just not implemented. Governments and private sectors throughout the free world need to join together, sharing information and expertise to confront these dangerous attacks. Let's do it now, before it's too late.

It's not about sleeping well at night. It's about making sure we wake up to the same world the next morning.

Israel's on it. Rest assured.

Is your country?