There is a war of global proportion playing out behind the scenes. Research indicates that millions of cyber attacks take place around the world every day. The IDF’s Lotem Technology Division is responsible for defending the military’s critical infrastructure from such attacks. In an underground cyber operations room, they identify attacks, analyze risk, and work to prevent and mitigate the risks presented.

In this modern age, data, information, and knowledge have turned into the greatest assets available. Those that control information have immense power. Major multinational companies like Google and Facebook, do not manufacture concrete goods – their revenue is from their mass collection of data.

Increased reliance on digital technology has resulted in greater vulnerability to the IDF’s information and data systems. These trends present a challenge and require the IDF to maintain a clear advantage in cyber defense.

Since 2012, there have been major shifts in the cyber landscape. The tools, techniques, and technologies to carry out large-scale cyber attacks are out in the open for anyone to utilize. There is an immense amount of data out there.

According to Brigadier General Danny Bren, Head of the C4I Technology Division & the Head of the Cyber Defense Division, “the proliferation of advanced IT systems has removed the barriers to entry for cyber, relative to traditional weapons. Everybody has become a player in the cyber domain. Anybody can attack Israel from anywhere in the world in mere moments.”

As a result, many players, both big and small, have strengthened their cyber capabilities. According to Bren, “Iran in particular has invested in a multi-year plan to narrow the technological divide.”

The rapid spread of cyber capability has also led to a stark change in the form of attacks. Five years ago, most attacks were of a broad and indiscriminate nature, like the Conficker worm that was first discovered in 2008.

The worm took advantage of flaws in the Windows operating system to break into administrator accounts. It ultimately infected 9-15 million home, office, and government computers in 190 different countries. The infection allowed attackers to gain access to users’ banking information, credit card numbers, and usernames and passwords by installing software that tracked key presses.
Today, attacks are designed with a clearly intended outcome. They are narrowly targeted, objective driven, stealthy, and created to intelligently determine the weakest links in IT systems.

The C4I Technology Division’s response to these threats is three-fold. First, they focus on building resiliency to attack. They ensure that all necessary systems have redundancies and backups to ensure that everything will continue working in the event of a successful attack. . Secondly, they collect cyber intelligence to stop attackers before they can even stage their attack. And thirdly, they use real-time monitoring and system wide analysis to fend off attacks as they happen.

The threat of cyber attacks will continue to increase. “We often do not take into account the negatives of technology,” Bren relates. “No matter what advances there will be in tech, there will always be people who will attempt to exploit them. It’s been a challenging year. We have constantly been under attack. When it comes to cyber, there is no silver bullet. The reality truly exceeds imagination. I never really know how my day will end.”