In Russia there’s a hacker organization known as RBM – Russian Business Network. Its many hackers specialize in infiltrating the networks of organizations and companies, encrypting their files and then paralyzing the system. They later demand a ransom for the files’ release. The same criminals also sell passwords stolen from organizations and companies, effectively running a protection cyber-racket. The hackers keep their promise – if you pay you get your computer back. Between 100 and 150 cases were recorded so far in Israel.
Avi Weissman is the Chairman of Israel’s national information security forum (IFIS) and the Director of the See Security college for information security and cyber warfare; Mr. Weissman has come across more than a few cases like those mentioned above. His college was established in 2002 and offers a variety of information security classes. At the entrance the college displays older technologies, such as typing machines and the first cellular phone. The classes, however, involve the latest innovations in cyber security and cyber warfare.
According to Avi Weissman the cyber world is divided into three main areas:
Cyber crime, include financial crime
Cyber warfare between countries
Weissman stresses the rising importance of computers in our lives, followed by a constantly growing demand for better security: “In 2013 there were 15 life-saving, implanted medical systems, transmitting and receiving information from inside the human body. At the end of the decade there will be hundreds of these systems. Soon you’ll be able to order your home computer to turn on the air conditioning or the washing machine while still driving home from work. Your smart phone will be connected to your burglar alarm system at home. Tiny computer systems will be installed in eyeglasses. Recently, during a conference, we took over the audience’s cell phones as part of a demonstration. Today everything is computerized, everything is wide open, everything is possible.”
iHLS – Israel Homeland Security
Students in the cyber college gain experience in stopping infiltrations. They come from law enforcement and business companies; some are novice hackers themselves. The four core professional courses are:
Information security implementation; specializing in installing and maintaining information security tools
Information security architect; designing information security systems, in charge of the implementation process
Chief Information Security Officer (CISO); controlling the organization’s work processes and the human aspects of manpower
Penetration tester; known as hackers, specializing in defense against system infiltration
The lecturers are either college staff or guests and include well known and respected figures. The students themselves are security establishment officials, defense industry employees, programmers and even teenagers (ages 17+) with hacking experience interested in formal studies.
Here are the names of some classes that are part of the upcoming “Cyber Warfare – Defense and Offense” course: “The name of the game,” according to the course’s introductory description, “is knowledge, technique, initiative and quick response stemming from experience and training.” Cyber threat review, cyber attacks on mobile phones, attacks on wireless systems, collecting cyber intelligence, DDOS attacks and more.
Why do they even teach cyber attack? Avi Weissman explains: “You can’t have defense without attack, or penetration. The job of a penetration tester is to detect infiltrations. He doesn’t initiate attacks on his own, that would be illegal. You have to study cyber-attack methods in order to defend against them.”
Mr. Weisman criticized the fact that Israel doesn’t have any laws formalizing information security as a profession. He established the college in 2002, aimed at creating courses for the Ministry of Defense, its first client. “When the National Cyber Command was established two years ago we immediately recognized its authority over the college, and passed along a formal document dealing with formalizing the information security professions in Israel. The command established an inter-ministerial commission to regulate the profession, but there’s still no legal definition for information security directors.”
The college trains hackers as well, whose duties include controlling the organization’s systems, preventing infiltrations and understanding modern cyber threats. In order to be accepted students have to have proven experience with computer systems (hacking classes are not for beginners), pass ethics and creativity exams, and be prepared to invest a lot of effort into the studies. They have to pass psychological tests and personal interviews, as well. The hacker is a part of the organizations’ cyber defenses, in charge of collecting cyber intelligence, detecting infiltration attempts and more.