Anton Lucanus

Israel demonstrates the importance of shared responsibility in cybersecurity


Startup IXDen teams up with Israel’s water company Mekorot to bolster cybersecurity capability

There is always the flip side to anything, even to something good. As law professor David Bernstein said, “For every lock, there is someone trying to pitch in or break in.”

This is true even in Israel, a country so ahead in technological innovation it is considered the “Startup Nation” of the world. With at least 6000 active startups and established companies, Israel has trailblazed frontiers in technology, especially in cybersecurity. Revealing the secret of this outstanding national capability, Jon Medved, CEO of OurCrowd, a Jerusalem-based investor platform, said “We don’t have huge natural resources, so we have worked hard to develop our skills-base in the country.”

However, hand-in-hand with the soaring triumphs, there is the sobering thought voiced by former Director of the CIA, Leon Panetta, “The potential for the next Pearl Harbor could well be a cyber-attack.” Retired U.S. Marine Corps general and former White House Chief of Staff John Kelly was also filled with premonition when he said, “I think we could very easily suffer a seriously catastrophic cyber event.”

What played out in Israel in 2020 showed how vulnerable the world can get in the face of malicious cyber players. It showed that even the strongest player can have vulnerable moments. Such as when agricultural water pumps in upper Galilee, Israel, were attacked by hackers who tried to change chlorine levels in the water supply, followed by another attack on water pumps in Mateh Yehuda. Subsequently, two other water management facilities in Israel were attacked by hackers. The perpetrators of the cyberattacks were identified as Iran, friend of Israel turned enemy since Iran’s Islamic Revolution in 1979. Moreover, according to a Fox News report, Iran used American servers to hack into the Israeli facilities. One of Israel’s foremost cybersecurity experts, Director General of Israeli National Cyber Directorate, Yigal Unna, called these attacks a “synchronized and organized attack” aimed at disrupting key national infrastructure. He called the hacking into Israel’s water systems the first time in modern history that “we can see something like this aiming to cause damage to real life and not to IT or data.”  

Even as local populations using the water could have been harmed by this attack, and water rates for business could change, Israel’s National Cyber Directorate (INCD) and the Water Authority alerted water treatment facilities to change passwords on equipment connected to the internet, particularly focused on operational systems and chlorine control devices. As it was subsequently established following investigation, a disguised Iranian-written code traveled along US and European servers before reaching its ultimate target, which was the software controllers that provided water to Israeli homes.

Even though the cyberattack had minimal impact on the country’s water systems, it did bring into sharp focus the fragility of Israel’s water systems to foreign enemy threats. For instance, the decentralization of the water systems among a lot of agencies and companies made it hard to centrally manage security strategies. With Mekorot, Israel’s state-owned national water company connecting cities and communities to water, residential water supply relies mainly on five desalination facilities that provide 80% of the national drinking water supply.  

It was, thus, an unsatisfactory situation regarding security, that the decentralized water sector did not allow Mekorot access or oversight concerning the desalination facilities’ preparedness for a cyberattack. In fact, it seemed almost indicative of a premonition, that a few days prior to the first attack, Mekorot, which already has a cyber department, should request an upgrade from the Water Authority, due to escalating fears of cyberattacks.

With the launch of a government program last year, Mekorot, which invests heavily in the development of technologies and in smart water management, established an Innovation Center to invest in startups, to innovate within the company, and for research. As CTO of Mekorot, Moti Shiri, said, “We have more than 80 years of experience in the water sector, and what is unique about us is the fact that we integrate several fields. There are not a lot of companies which do this globally.”  In fact, it is Mekorot that has taken the lead in pushing Israel high onto global rankings. Moreover, IXDen, a leading  Israeli cyber startup, was one of the first companies to benefit from a Mekorot investment. Mekorot invested $2.5 million in IXDen.

Furthermore, as befits the foremost nation of technology startups, and as an example of the capabilities of startups, IXDen, has now come to the rescue of Mekorot, to bolster its cybersecurity safeguards. IXDen focuses on guarding against malfunctioning of interconnected devices, whether it is through a cyberattack or normal wear and tear in the course of usage. Through its technology, IXDen intends to protect over 30 billion internet-connected devices across the world. IXDen co-founder and co-CEO of IXDen, Leonid Cooperman, said, “We are solving two big problems: security and operational problems, in one software product.”

IXDen has developed an algorithm for Mekorot’s digital systems, that can instantly zero in on unusual behavior in IoT elements and can act to protect them. As CTO Shiri said, “We have 3,000 water facilities around the country. In each one of them there are sensors, which are like small computers transferring information and operating the systems.” For instance, sometimes, sensors transfer inaccurate information, and the IXDen system, being connected to the sensors, identifies mathematical anomalies and investigates the situation. With the IXDen system being totally focused on Mekorot’s equipment and sensors, checking on the transfer of accurate information such as pressure, temperature and supply, among other vital data, about 30 million bits of data get created daily at Mekorot. The consistent monitoring through technology will alert authorities to crush potential cyberattacks in the future.

As former U.S. Secretary of Homeland Security, Jeh Johnson, once so rightly said, “Cybersecurity is a shared responsibility, and it boils down to this: in cybersecurity, the more systems we secure, the more secure we all are.”

About the Author
Scientist turned techie. Founder at Neliti & Reputio. Interested in sharing lessons learnt from Tel Aviv's bustling technology ecosystem.
Related Topics
Related Posts