Employees, mostly veterans of military computing units, work at a cyber hotline facility at Israel’s Computer Emergency Response Centre (CERT) in Beersheba, southern Israel February 14, 2019. Photo: REUTERS/Amir Cohen.

CTech – Military cyber technologies that leaked from state institutions are now the primary cyberattack tools used by civilian companies and organizations, according to Brig. Gen. (res.) Daniel Bern, co-founder and CEO of cybersecurity company Otorio Ltd. A decade ago, he said, the majority of cyberattacks were launched by armies and government agencies and organizations, and most of the attacks targeted them, too.

“Recent years saw tremendous technological advancements, including cloud technologies and IoT, and the risk of cyberattack became more prevalent among non-governmental bodies,” he told Calcalist in a recent interview. “A lot of organizations have sustained a ransomware attack, but connectivity changed things,” Bern said. “These attacks used to target an organization’s administrative computing layer but today they target the manufacturing facilities, which suffer from a defensive disadvantage.”

In his last military role, Bern served as chief cyber defense officer and chief information officer of the Israeli army. This is his first interview since retiring from active duty. “Today, I see the same velocity of attacks that I used to see in the army, but they are targeting hospitals and schools,” he said. “I find myself dealing with organizations that are not conceptually prepared for this type of threat. These organizations lack the skill and appropriate personnel and boards tend to underestimate cyber threats,” he said. “Civilian life is very similar to my life in the military, but the resources and attention are not there.”

Bern’s outlook for the next decade in cyber protection is not very rosy. “I think the biggest cyber disasters are still ahead, mostly due to the increased potential for devastation,” he said. According to him, one of the issues coming out of the recent attacks on oil refining facilities in Saudi Arabia, is the lack of real response in the aftermath. “It raises the level of tolerance,” Bern said. “Next time, it could be an attack that plunges an entire city into darkness.”

Bern forecasts that countries, including Russia and the US, will begin using cyber warfare more broadly. “Cyber has become the silent weapon of the world’s great powers,” Bern said. “The risk is that it is becoming a legitimized sphere to operate in, to promote geopolitical agendas without tarnishing your reputation. The potential for devastation is great, but there’s a lot of deniability.”

Founded in 2018, Tel Aviv-headquartered Otorio develops a dedicated cyber platform for the manufacturing industry. In practice, it manages a factory’s defense system from end to end, including risk assessment, strategy implementation, and risk management tools.

According to Bern, ransomware attacks on industrial facilities are already causing damage valued at billions of dollars each year. He sees similarities between his military role, protecting the Israeli army’s information technologies (IT) systems against cyberattacks, and his current work in industrial cybersecurity. “The IDF has a lot of IT, but also a lot of OT (operational technologies), which are similar to industrial systems,” he said. “The same wave of transformation to IoT (internet-of-things) that happened in the IDF a decade ago is now coming to civilian companies.”