“We are currently experiencing one of the most severe cyber-attacks on the Israeli Electricity Authority,” Israeli Minister of National Infrastructure Dr. Yuval Steinitz announced yesterday at the third annual CyberTech Conference in Tel Aviv. The minister assured the 11,000 attendees that, fortunately, the attack is being handled by his office and the Israeli National Cyber Bureau.
It seems that ‘fortunately’ was quite an understatement, as the attack incapacitated many of the computers of the Israeli Electricity Authority. Only because the malware had been previously identified was a patch able to neutralize the attack before it could cause considerable damage. Steinitz stressed that “cyber-attacks on infrastructure can paralyze power stations and the whole energy supply chain – from natural gas, oil, petrol to water systems – and can additionally cause fatalities.”
His warning reflects the growing concern both in Israel and abroad that 2016 will bring a wave of new cyber attacks, not on virtual assets, such as credit card and social security numbers, but rather physical ones — telecommunication towers, public transport, hospitals — an attack on the scale of that which sabotaged an Iranian nuclear facility a few years ago.
Yet protecting critical infrastructure (yes, we know it is not sexy) is looking increasingly daunting: despite the plethora of cyber-security companies coming out of the US and Israel (respectively the number one and number two exporters of cyber-security solutions, according to Israel’s National Cyber Bureau), only a small number deal with critical infrastructure.
Herzliya-based CyberX is one of the few that do. Founded in 2012 by Omer Schneider (CEO) and Nir Giller (CTO), both former members of an elite cyber unit, “Matzov,” in the Israeli Defense Forces, CyberX is developing solutions to secure what has been termed the “Industrial Internet.”
For decades, energy producers, car manufacturers, railroads and other industrial operators fenced off their networks from the internet and other networks, thereby securing their operations from outside attacks. However, in recent years, many organizations have converged their operational technology (OT) with their information technology (IT) systems in the name of optimization; healthcare, transportation, and assembly lines are more efficient with big data analytics and smart machines, all of which require internet connectivity. “The moment you have the industrial internet, you have a breeding ground for hackers,” Schneider, whose company was one of the 350 presenting at the cyber technology conference, tells NoCamels.
CyberX’s flagship product, XSense, overcomes that hurdle by acting as an invisible layer over the OT networks. Billed by the company as a no-interruption solution, XSense begins modeling the OT networks within 15 minutes of installation. From the XSense dashboard, operators see all connected devices and any anomalies that XSense’s behavioral analytics detect, whether the cause is a cyber-attack or an operational malfunction.
With only $2 million in seed funding from Glilot Capital Partners, the company has already discovered vulnerabilities in the products of Schneider Electric (unrelated to Omer Schneider) and Rockwell Automation, multibillion-dollar companies whose programmable logic controllers are used globally to monitor and adjust industrial equipment. Earlier this week, the US Department of Homeland Security issued its latest advisory, crediting David Atch of CyberX with identifying another vulnerability that affects eight different Rockwell controllers.
The announcement came on the heels of another finding, in which CyberX identified the ‘BlackEnergy’ malware, which is believed to have been the cause of the Ukrainian power outages this past Christmas and the attack on Ukraine’s air traffic control this past week.
Increased investment in cyber-security
CyberX is not without competition. Indegy, another Israeli industrial cyber-security company, has raised $6 million from veteran cyber-security entrepreneur Shlomo Kramer (co-founder of Israeli cyber-security pioneer Check Point) and from Israeli venture capital firm Magma Ventures.
Moreover, investment in the Israeli cyber-security sector has increased by approximately 20 percent and will likely bring more players into the space. The National Cyber Bureau reports $500 million was invested in cyber-security companies in 2015, while Start-Up Nation Central and IVC Research Center report slightly higher numbers, $533 million and $540 million respectively.
Yet, out of the hundreds of active Israeli cyber-security startups (reported numbers vary between 250 and 430), only a handful of companies are engaged in critical infrastructure, and only a handful have raised seed capital or progressed to later-stage funding rounds, according to Start-Up Nation Central. As Schneider explains: “We’re coming to a market that is a greenfield.”
In his State of the Union Address two weeks ago, US President Barack Obama underscored that “our critical infrastructure continues to be at risk from threats in cyberspace.” Similarly, Israeli Prime Minister Benjamin Netanyahu stressed at the cyber-tech conference the importance of robust solutions for infrastructure: “The greatest curse that we face is that in the internet of everything, everything can be penetrated… Our national economies and our national defense. Everything from our personal accounts and information, our bank accounts, our power grids, our communications centers, our planes, our cars – even the way we do elections. Everything can be penetrated.”
Given that most developed countries face similar risks, “cyber-security is not hype,” as Israeli Chief Scientist Avi Hasson put it — particularly when it comes to keeping your lights on.