The technology developed by spyware company NSO should be more strictly regulated but not completely rejected, the Israeli cybersecurity guru said – although he admitted that the scandal surrounding the Herzliya-based company was blackening Israel’s reputation. .
NSO scandal “spoils our name,” said Professor Isaac Ben-Israel, who headed the task force that defined Israel’s national cybersecurity policy, in a recent interview with The Times of Israel from his office from Tel Aviv University.
Ben-Israel was head of military research and development in the IDF and the Ministry of Defense from 1991 to 1997. In January 1998, he was promoted to major general and appointed director of the R&D Directorate of Defense at the Ministry. During his service he was twice awarded the Israel Defense Prize. After the military, he played a central role in establishing Israel’s National Cyber ââBureau and other authorities protecting national civilian and security infrastructure from cyber attacks.
Ben-Israel said that of all exports of Israeli cybersecurity products and services – which account for around 10% of global market sales – offensive products like those developed by NSO and Candiru, two companies recently blacklisted by the US Department of Commerce, are only a “small percentage” of the total.
Unfortunately, in the public eye, this is irrelevant as people tend not to distinguish between defensive and offensive cybersecurity tools. As a result, the damage to Israel’s reputation is considerable, said Ben-Israel, 72, who today heads the ICRC – Blavatnik Interdisciplinary Cyber ââResearch Center at Tel Aviv University.
NSO’s flagship spyware, Pegasus, is considered one of the most powerful cyber surveillance tools available on the market, and experts say there is no defense against it. The software gives operators the ability to effectively take full control of a target’s phone, download all device data, or activate their camera or microphone without the user’s knowledge. The company has made headlines around the world as revelations about the reach of its technology and the consequences keep mounting.
This summer, Citizen Lab and Amnesty International unveiled an in-depth investigation that found the company’s software had been used by many countries with poor human rights records to hack the phones of thousands of human rights activists. , journalists and politicians from Saudi Arabia to Mexico.
As a result, NSO faced a torrent of international criticism of the allegations, with increasing diplomatic fallout as Israeli allies, such as France, demanded responses amid reports that Pegasus was being used inside. of their borders.
The Washington Post reported last month that NSO’s Pegasus spyware was placed on journalist Jamal Khashoggi’s wife months before he was assassinated at the Saudi consulate in Istanbul in 2018. Others reports claimed that the spyware had targeted Polish opposition politicians and an Indian. activist.
The blacklisting of the two Israeli companies by the United States has prompted Israel to drastically reduce the number of countries to which local companies can sell cybertechnologies and to impose new restrictions on the export of cyberwar tools. The Israeli Defense Ministry must allow the sale of the products of spyware companies abroad.
NSO, for its part, said its products are only intended to help countries fight serious crime and terrorism.
The resulting fallout heavily affected the company, which was at risk of defaulting on approximately $ 500 million in debt and saw its credit rating take a dramatic hit, leading to credit problems.
It is said that NSO is plans to shut down its Pegasus operation and sell the entire company to a US investment fund, Bloomberg reported in December, citing officials involved in the talks.
The role of the Israeli government
Private companies can freely export defensive technologies. But for offensive or even potentially offensive weapons, including offensive cybertechnologies, private companies must obtain a special export license from the government, Ben-Israel said.
“As far as I know – I’m not part of NSO – in any case, they got an export license,” Ben-Israel said. âSo if there is a problem, maybe the government has been too easy on giving them the license. The problem does not come from the ONS but from the government.
Technologies such as those developed by NSO are used by governments to hunt down criminal groups as well as terrorist groups, Ben-Israel said, arguing that these types of offensive tools are “essential” for democracies. “You don’t want to live in a country [that] has no way of tracking down terrorists or criminals.
But some governments have clearly abused these technologies to use them against dissidents, he said, and that is the problem.
âNSO is not a service company,â and does not track itself, Ben-Israel said. NSO sells the technology, after which the governments that buy it use or abuse it, Ben-Israel said.
When a terrorist stabs someone or rams a car into people, he thought, the fault lies with the gun carrier or the driver, rather than the knife or the automaker. âThe same is true with NSO,â he said. âThe Israeli government gave them a license to sell to certain countries like Mexico and others, [to be used] for good reason. If these countries have used it for different purposes, he asked rhetorically, is the ONS to blame?
Sometimes, Ben-Israel thought, you build something with good intentions, “and somehow you lose control of it. What can be done? I don’t knowâ¦ What can you do, stop developing this type of technology?
“We need them. The free world needs them,” he said.
Cars are one of the leading causes of death today from traffic accidents. But no one would say that “we should go back to horses and donkeys,” Ben-Israel said. Instead, legislation and new safety features have made cars less deadly than they used to be.
âSometimes everything you introduce costs you. “
In the long run, he predicted, the Israeli cybersecurity industry as a whole will not be significantly affected by the spyware scandal. âBut if you look at NSO or Candiru, or those kinds of businesses, it will significantly affect them. It could even destroy businesses,â he said.
Ben-Israel was appointed in 2011 by then Prime Minister Benjamin Netanyahu to lead a task force tasked with formulating national cyber policy. This resulted in government resolutions aimed at making Israel a global cybersecurity powerhouse for both defense and the economy.
âThe goal was to position Israel among the top five cyberspace countries by 2015,â he said.
The hope was that Israel would account for 3% or, hopefully, 5% of the global cyber market share. âBut there are a lot more of us today. The economic figures are overwhelming.
Israel’s exports of cybersecurity products total some $ 10 billion, of which about 10%, or $ 1 billion, are believed to be exports of offensive software, according to Calcalist.
In the first half of the year, Israeli cybersecurity firms raised $ 3.4 billion in 50 deals, and seven of them became unicorns – private firms valued at over $ 1 billion – Israel’s National Cyber ââSecurity Directorate said. The semi-annual figure represents 41% of the total funds raised by cybersecurity companies globally, and is three times the amount raised in the same period a year earlier, according to the data.
Israel’s next challenge, said Ben-Israel, will be artificial intelligence, one area. like cybersecurity, in which Israel can have a global strategic advantage.
He submitted a five-year plan in 2019 to place Israel among the top five countries in the world for artificial intelligence, a year after being commissioned to do so by Netanyahu.
But due to political turmoil comprising four elections in two years and a lack of a national budget, “The National Initiative for Secure Intelligence Systems” is still on Ben-Israel’s desk, waiting for the new government to discuss and approve it. plan.
âWe have already lost three years because of politics and the elections,â he said. âI hope we won’t waste another three years with the new government.
Ricky Ben-David contributed to this report.