Israel is at the forefront of cybersecurity, but despite being one of the world leaders in the industry, they still have vulnerabilities.
Recently, a soldier for the IDF wanted to prove that the computer systems were not as secure as had been reported, and so did the unexpected: he hacked an Israeli secret database.
The 20-year-old IDF veteran is known as a computer genius and was placed in the elite technological unit’s division. He is said to have reported the problem to his commanders, but instead of listening to him, they sent him to work as a kitchen worker.
He was brought to court for the incident after he extracted top personnel information and arrived at senior officials’ homes to warn them of the vulnerability. He received a light penalty and was forced to pay a 1,500 shekel fine for his actions.
Now that we know the IDF is vulnerable to attacks, the question remains: how can Israeli companies protect themselves from cyber attacks?
Method 1: Use an Anti-Virus and Keep It Updated
Anti-viruses are not foolproof, but they make it more difficult to be hacked. You’ll want to install and continue updating respected anti-virus software. You can also install an anti-malware program, such as Malwarebytes, to check and remove malware as needed.
The presence of an anti-virus software helps eliminate known threats but there will always be 0-day vulnerabilities that can cause a company’s computer system to remain vulnerable.
Companies should have strict protocols in place to not only update anti-virus and anti-malware software but also to update operating systems and other essential software.
Method 2: Stay on Top of Cybersecurity Threats
Companies should hire IT experts and security experts that work to stay ahead of potential cybersecurity threats. Security awareness is key to eliminating threats and potential hacks. There are several options available, including:
- Penetration testing
- Testing co-workers for phishing vulnerabilities
- Patching security holes and issues
There are many threats to consider, including from well-funded attackers. The Iranian-based hacking group Chafer is known to have attacked several large organizations in Israel, Turkey, Saudi Arabia, Jordan and the United Arab Emirates.
The latest attacks from Chafer show that the group is expanding their operations and posing a serious problem for companies that offer sea transport, air transport, technology, airlines and aircraft services.
Reducing the risk of a cyberattack means knowing what threats exist and how attacks are made. For example, Chafer started to spread malware through SQL-injections , spear-fishing campaigns and honing the free tools at the group’s disposal.
Chafer is focusing on supply chains and compromising organizations with the intent of attacking customers in the future. Patching software, penetration testing and using a third party to test the risk of employee vulnerability can increase Israel’s business readiness for an attack.
Method 3: Avoid Public Wi-Fi Networks
Directly accessing Wi-Fi networks leaves many businesses at risk of being hacked and experts recommend a VPN to access Wi-Fi to limit these risks.
Israel has a lot of public Wi-Fi networks, and in 2016, a hacker needed just three days to hack Tel Aviv’s free public Wi-Fi.The hacker only needed a limited amount of time to mount the attack: he did it in the evenings after work.
Russia is also linked to hacking into Wi-Fi, and Israel researchers have shown that malware can easily steal data from Wi-Fi routers.
Wi-Fi hacks constitute a significant problem, but there’s another major issue: interception services.
Interception allows law enforcement to intercept any information sent over Wi-Fi. WiSpear, a firm created by an IDF veteran, is one company that offers such services.
WiSpear works in the legal interception space and can intercept anything from communications to social media passwords. Interception can also be used by hackers and other private, non-intelligence agencies to hack into a company’s Wi-Fi andsteal information or even trade secrets.
VPNs with encryption features help protect against interception, especially when military-grade, 256-AES encryption is used.