Cyberattacks against Israel are becoming more common and expanded to include military data and military installations as well as critical infrastructure and civil services. In fact, Israel has a broad number of cyber adversaries, whether state or non-state actors. As such, investing in cyber defense measures to protect Israel’s national security and the related technological capabilities (e.g. communication lines, networks, civilian infrastructure, military systems, etc.) is no longer a luxury for Israel.
Here, the significance of the Israeli Cyber Dome becomes particularly evident, whose role is as vital as that of Israeli telecommunication companies that serve as one of the main cyber defense lines, given their possession of databases for a large number of users and their responsibility to secure all communications, while maintaining confidentiality and privacy.
The Nature and Characteristics of the Cyber Dome
On several occasions, Director-General of the Israeli National Cyber Directorate Gaby Portnoy made reference to the Cyber Dome, the recent of which was in the conference held within the Cyber Week of late June 2022 organized by the Israel National Cyber Directorate (INCD) and the Blavatnik Interdisciplinary Cyber Research Center (ICRC). According to Portnoy, the cyber dome is aimed at monitoring potential cyberattacks and defending Israel’s vital facilities, particularly those that are managed electronically, towards providing the required protection for different Israeli facilities through pre-emptive mechanisms that reduce the intensity and frequency of cyberattacks, similar to the Israeli air defense system, aka the Iron Dome. This can be achieved through joint action and sharing of information to defend against emerging threats.
Arguably, the cyber dome is touted to provide a proactive approach that helps predict and monitor cyberattacks nationwide, without it being limited to a particular sector or covering the critical infrastructure only. In essence, it would be a participatory approach that requires concerted efforts of different countries, cyber defense companies, academia, the Israeli government, and security agencies to promote Israel’s cyber capabilities, by taking advantage of big data and artificial intelligence towards enhancing cybersecurity in the country by introducing new mechanisms that reduce the damage caused by cyberattacks on a large scale. In this vein, Portnoy and Israeli Minister of Communications, Yoaz Hendel, stressed in a press conference that the “cyber dome” will take the country’s security capabilities to the next level and will provide cyber protection similar to the air defense protection that the Iron Dome provides, ensuring protection of the entire state.
The cyber dome is supposed to counter the various attacks on Israeli networks, including systems operated by individuals, the government, the military, the private sector, or otherwise. It is also supposed to identify threats, protect systems from cyber risks, reduce the severity of cyber threats within various networks, and launch retaliatory counterattacks against attackers and hackers by the Israeli Defense Forces (IDF) Cyber Command. As such, the cyber dome will not initiate preemptive cyberattacks but will rather provide the IDF with accurate information on attackers and their location, to preemptively thwart their attacks if possible or direct retaliatory cyberattacks against intruders.
In this sense, the cyber dome would promote cooperation between the Israeli government and the IDF on the one hand and Israeli and non-Israeli Internet and technology companies on the other. Potential partners include Google, IBM, Microsoft, Elbit Systems, and Israel Aerospace Industries. Engaging major technology companies in developing Israeli cyber defense mechanisms is undoubtedly important, given their ability to employ cybersecurity and emerging technology companies (i.e. over 200 companies). In effect, each leading technology company can work with 10 small startups, enabling integration and saving time and effort. Some analyzes have indicated that this approach is similar to that adopted in the development of the Iron Dome. Notably, according to the Israel Innovation Authority (formerly known as the Office of the Chief Scientist), Israel has the largest number of cybersecurity institutions in the world, with it housing 250 cyber companies as well as 15 online research and development centers run by multinational companies such as IBM, Qualcomm, Microsoft, among others.
Indeed, the Cyber Dome had elements in the vision of Israeli Prime Minister Naftali Bennett who noted that “at the national level, Israel’s cyber defense system works jointly with technological companies to defend Israel.” adding that, “just like there is nuclear deterrence, there is going to be cyber deterrence.”
Bennett acknowledged that Israel’s civic infrastructure had been subjected to numerous cyberattacks, saying, “after all, companies have a responsibility to bear. If clients’ data is breached, then this is a problem that companies have to deal with.” Bennett’s vision is based on combining civilian and military expertise towards addressing advanced cyber threats. While his vision was initially rejected by some voices that found it impractical since the private sector lacks the ability to gather intelligence and deter, let alone that fact that sovereign authorities may not feel comfortable dealing with it. However, these voices declined in favor of a school of thought that said of the possibility of applying the operational concepts and building on the lessons learned from the implementation of the Iron Dome, including establishing effective cyber intelligence, early warning, active defense, command and control, passive detection, and cyber deterrence. In many respects, this requires combining electronic innovation with changing strategic realities, including emerging cyber-security threats that affect traditional lines of attack and defense in a manner that requires expanding the scope and nature of operational requirements, including the protection of physical and cyber fields simultaneously.
In this vein, the Israeli government launched a new initiative under which the Ministry of Communications and the INCD will enforce new regulations that introduce mandatory and unified standards under which companies are required to develop plans to protect communications networks, using a combination of monitoring and control mechanisms to protect against cyberattacks while maintaining the privacy of the various sectors and entities. Based on these regulations, major Israeli telecommunications companies will be required to implement detailed plans to identify and prevent future cyberattacks targeting their networks. They will also be required to develop monitoring mechanisms to provide a true picture of the cybersecurity efforts taken while ensuring the privacy and integrity of the data collected, along with keeping up with the latest technological advances to identify, contain, and prevent potential cyberattacks.
Put another way, the Israeli government has directed telecom companies to strengthen their efforts in the field of cybersecurity through new regulations that give rise to unified mandatory standards. In a recent press statement, Israeli Minister of Communications, Yoaz Hendel, said, “We are trying to set the correct standard for telecommunication companies to create a kind of ‘Iron Dome’, protecting Israel from cyberattacks,” noting that Israel comes under thousands of cyberattacks every year. Further, the Director General of the INCD, Gaby Portnoy, emphasized that Israeli telecommunication companies maintain a high level of cybersecurity, but the new regulations –which allows for more oversight– will mark an important improvement.
Several factors drive Israel to consider developing the Cyber Dome, which we detail in the following points:
1- Repeated Cyberattacks: Over the past few years, Israel has experienced a significant number of cyberattacks. For instance, on 14 March 2022, all websites of Israeli ministries went down following a cyberattack, including websites of Ministries of Interior, Health, Justice, Welfare, and the Prime Minister’s Office. Additionally, several Israeli government websites were also subjected to cyberattacks by hackers who targeted Israeli government and media websites and servers, posting messages warning of Iranian cyber war against Tel Aviv on 20 April 2022. Only one day earlier, the websites of Channel 9, Kan 11, and the Israel Airports Authority had been disrupted. In late June 2022, a Distributed Denial of Service (DDoS) attack targeted the website of the Israeli digital intelligence company Cellebrite that provides solutions to collect and analyze data from digital devices. In response to these attacks, the State Comptroller of Israel Matanyahu Englman is conducting a thorough check of several government websites’ e-services, including hospitals, the Education Ministry, the Israel Tax Authority, transportation systems and local authorities, while conducting penetration tests on the electronic systems.
2- Promoting Cyber Defense Measures: According to official Israeli data, Israel has blocked about 1,500 different cyberattacks. Data from Check Point Software Technologies indicates that there is a 137 percent annual increase in the average weekly attacks on Israeli companies. Over the first three months of 2022, Israel has suffered 1,500 attacks a week. Portnoy also confirmed that the country has seen a sharp increase in DDoS attacks and accused the Iranians of launching many of which.
3- Countering Iran: Portnoy believes that Iran has become a major player in cyberspace along with Hamas and Hezbollah. Mentioning the Iranian cyberattacks, Portnoy once stated that, “We see them, we know how they work, and we are there.” These attacks have been evidenced by the annual warning issued in May 2022 of possible cyberattacks on the occasion of Quds Day in Iran and the end of the holy month of Ramadan. Some of these cyberattacks targeted Israeli gas stations and media outlets. Maariv newspaper had previously revealed threats made by a group of Iranian hackers against Israeli military figures. The same group claimed responsibility for attacks on the warning systems in the cities of Jerusalem and Eilat, amid fears that the Israeli infrastructure would be damaged. Relatedly, in the Cyber Week, Bennet addressed Iran, saying, “My attitude in general when it comes to our enemies —especially Iran— is that we do not work to create destruction and terror. This has never been our policy. Our policy is, if you mess with Israel, you’ll pay a price. You will not be able to harm Israel through proxies —Hezbollah or Hamas— thinking you can get away with it.”
4- Securing Telecommunications Companies: While telecommunication companies may, at times, have an effective role in cyber defense, they may be vulnerable to cyberattacks at other times. Hackers could use them as a gateway for penetration and damaging and Israeli strategic assets. In a press conference, Hendel pointed out that “telecommunication networks are an attractive target for cyberattacks by hostile elements,” indicating that possible damages of these attacks may include disrupting services and leaking information, especially with the multiplicity of attackers at the cyber level to include state and non-state actors alike. Perhaps this makes the “cyber dome” increasingly significant, similar to the Iron Dome system designed to intercept medium-range missiles, with the aim of enhancing and strengthening civil space and reducing cyber risks.
5- Building the Private Sector’s Cyber Capabilities: Israel aims at pursuing the attackers in their digital safe havens, introducing cybersecurity protocols for infrastructure to be used in a broad sense, expanding the sector’s tools and skills, and securing supply chains. Israel recognizes the importance of supporting small businesses to understand and respond to the nature of cyber threats in parallel with building their capabilities in a way that contributes to strengthening the national cyber defense.
In short, Bennett once declared that, “we can get stuff done hitting your enemy through cyber. Before we needed to send 50-100 commandos behind enemy lines with huge risks. Now we get a bunch of smart folks together sitting at a keyboard and achieve the same effect.” Perhaps Israel’s cyber defense policies in general and the creation of the Cyber Dome reflects the changes Israel is seeing in the battlefield, requiring the local authorities and the central government to prepare for it through several measures that require extending cooperation between the various national actors at home and with major technology companies abroad.