Last week's ransomware attack on Hadera’s Hillel Yaffe Medical Center has shown us once again that one of the biggest dangers of the 21st century – besides wars, pandemics and natural disasters – is the cyberattack.
Israel is no stranger to being on the receiving end of such attacks, of which there are three different types.
The first type is your usual, run-of-the-mill hacking, with the accompanying theft and breaches of data.
The second type entails taking over a large institution's computing system and holding it for a monetary ransom – like the one we witnessed at Hillel Yaffe.
The third – and possibly most dangerous type – is a creeping takeover of a national system that causes damage to it piecemeal, and by the time someone notices, nothing can be done to repair it.
To understand this sort of attack and what kind of impact it could have, let's take the Israeli Stock Exchange as an example.
When it is reported at the end of the day that a particular stock has risen by two percent and others have fallen by five percent, no one questions that this shift is a faithful reflection of all buy and sell orders made in the past 24 hours - because no one is going to manually calculate every single transaction.
But what happens if a hostile entity secretly takes over the stock market's computers and manipulates the results? Beyond the fact that said person or group could rake in billions, what will happen after it turns out a year later that the Stock Exchange's data was falsified? Such an event could lead to a collapse of Israel's economy. The Stock Exchange is just one of the dozens of institutions that could signal the country's collapse if they ever came under attack by cyber terrorists.
Israel's government in 2003 ordered the establishment of the National Cyber Directorate to protect against such attacks – a very uncharacteristic decision given that Israel mainly solves issues after they have already blown up in its face.
This directorate bases its work on three principles.
The first principle is prioritization. The state cannot protect every individual and business, so it formulated a "two-layer" work method. Within the first layer is critical national infrastructure, while the second includes hundreds of institutions that still require a nominal level of supervision. Any individual or group not found within those two categories is pretty much on their own.
The second principle is 24/7 surveillance, as well as tight cooperation with other national security organizations across the world to detect any potential threats.
The third and last principle is the understanding that protection is not enough, so along with the directorate, the government also operates a dedicated intelligence agency. As with any other terror threat, the name of the game is finding the enemy before it can strike.
Preemptive actions also tend to send a strong warning message to any would-be hackers.
The successful ransomware attack on Hillel Yaffe should greatly alarm those who oversee Israel's cyber protection, especially since the perpetrators were not deterred in any way by the Israeli policies.
There is almost no tool worth "saving for later" to improve the country's cyber capabilities now, as Israel is threatened not only by greedy hackers but also by enemy states and terrorist organizations.
The possibility of a coordinated and massive cyberattack by hackers is as dangerous as any barrage of missiles.