India-Israel: Three decades of strong ties

In year 2022, Israel and India are celebrating the 30th anniversary of their full diplomatic relations. In the last three decades, bilateral trade has increased from US$200 million in 1992 to over US$7.86 billion in 2021-22. It is expected to rise sharply once the free trade agreement is concluded.

India is attractive to Israeli businessmen. The economic relations, once dominated by defense, diamonds and drip irrigation are now driven by hi-tech, cyber security, innovation and mobility.

India’s emergence as one of the fastest-growing major economies, its democratic character and its maturing relations with the United States and Gulf countries makes it an attractive proposition for Israeli businesses.

More direct flights and opening of new routes with the Gulf airlines have significantly increased tourism in both directions.

The launch of the I2U2 group has multiplied the avenues of cooperation. It addresses the issue of financing the use of cutting-edge Israeli technologies in the price sensitive Indian market.

The Israeli TV series Fauda is wildly popular in India, which spawned an Indian remake, Taanav. The road is paved for more collaboration in the areas of cinema and entertainment.

Indians have become the largest contingent of foreign students studying in Israel.

Start-up entrepreneurs from Israel and India are extremely successful in Silicon Valley, and they get along well with each other due to numerous common values.

It has a spillover effect. A number of delegations of Indian CEOs and Family Offices have started visiting Israel on a regular basis.

The successful bid by India’s Adani Group and Israel’s Gadot Group to purchase Haifa port has paved a way for cooperation on large infrastructure projects.

Russian hackers may try to block West's access to SWIFT

Ex-IDF Unit 8200 Chief and Team 8 Co-founder Nadav Zafrir, say that in a worst case scenario, Russian hackers may try to block the West from extracting natural gas and from access to the SWIFT banking system in response to sanctions against it.

Referring to the Russian invasion of Ukraine and the spin-off conflict with the West in a speech at the cybertech conference in Tel Aviv, Zafrir said, “We don’t know how this is going to unfold. We do know that the Russians probably have, excluding the West, the best cyber capabilities, defensive, but also offensive.”

“Russia may to say to itself, if you are sanctioning our economy, maybe “we, the Russians, can make sure you cannot extract your gas either. If we cannot use SWIFT, we can take you off your SWIFT system as well.”

Earlier, former Israel National Cyber Directorate (INCD) Director Yigal Unna called Russian cyberattacks on Ukraine frightening.

Unna said, “As we see what is happen now in central Europe, it is more than disturbing, it is frightening. Cyber war is happening as we speak. We haven’t seen the worst yet.”

Describing Russian cyberattacks, he said “We are seeing ‘wipers’ (cyberattacks on websites), attacks against civilians, civilian entities and critical infrastructure, all the things we build and defend as nations.”

He warned that due to war clouds and the fog of war… we still do not see all of the consequences of Russian cyberattacks.

Next, Unna said that the rise in ransomware attacks, the amount of extortion money being demanded by hackers and the rise in the number of victims who are paying the ransoms is disturbing.

He cautioned that Israel is behind many countries in terms of formal legislation and regulation in the cyber sphere (though in the past INCD officials have said that Israel has achieved a lot through informal moves.)

Unna complimented, “All six agencies dealing with cyber security, including his agency, the IDF’s multiple units, the Mossad and the Shin Bet on “working together to win.”

In addition, he said, “Whatever worked yesterday won’t work today or tomorrow.”

He spoke disparagingly of cybersecurity corporate officers who ignored warnings on Thursday of impending cyber-attacks, saying they would deal with it after the weekend,

The attack may come before the weekend, exclaimed Unna, adding if your CISO (Chief Information Security Officer) works only ‘working hours’, well it is 24/7.”

He also took to task the slow pace at which companies deal with public government or company warnings of vulnerabilities on software, saying that the good guys take around 14-21 days to fix publicized cyber gaps, whereas the bad guys need only around nine days to exploit the gap.

“That is five to 12 days too long,” he said.

Also at the conference, President Isaac Herzog complimented Israeli cyber companies for protecting millions around the world from cyber-attacks.

Herzog said that Israel needed to move at the same fast pace as malicious actors in always improving its cyber defenses and resilience.

Also, at the conference, CybergymIEC announced new moves to enhance its connectivity with the Israel Electric Company which will also increase the company’s ability to market and sell its proprietary cyber technology globally.

Cyber attack on Israeli Defense Ministry

Reportedly, a hacker group called Moses Staff claimed that it has successfully conducted a cyber attack on the Israeli Defense Ministry, releasing files and photos obtained from the ministry's servers.

Moses Staff's website claims that the group has hacked over 165 servers and 254 websites and compiled over 11 terabytes of data, including Israel Post, the Defense Ministry, files related to Defense Minister Benny Gantz, the Electron Csillag Company and Epsilor Company.

"We've kept an eye on you for many years, at every moment and on each step," wrote the group in the announcement of the attack on their Telegram channel. "All your decisions and statements have been under our surveillance. Eventually, we will strike you while you never would have imagined."

Moses Staff claimed in the announcement to have access to confidential documents, including reports, operational maps, information about soldiers and units, and letters and correspondence. "We are going to publish this information to aware [sic] all the world about the Israeli authorities’ crimes," warned the group.

The files leaked included photos of Gantz and IDF soldiers and a 2010 letter from Gantz to the Deputy Chief of the Joint Chiefs of Staff and Chief of Intelligence in the Jordian Armed Forces. The leaked files also included Excel files allegedly containing the names, ID numbers, emails, addresses, phone numbers and even socioeconomic status of soldiers, mechina pre-military students and individuals connected to the Defense Ministry.

The group stated on its website that it is targeting the same people who "didn't tolerate" the legitimacy of Moses, seemingly the reason for the name Moses Staff.

The group's description states that it will not forget "the soldiers whose blood is shed due to wrong policies and fruitless wars, the mothers mourning for their children, and all the cruelty and injustice were [were] done to the people of this nation." The group did not clarify in its description which soldiers it was referring to.

It is as of yet unclear if the group is acting independently or is backed by a state.

Moses Staff leaked identifying information, addresses and information about packages from an attack it says it conducted on the Israel Post. The group also leaked pictures of identity cards from a number of companies it claims it attacked.

The group's website also has a contact form for those interested in joining the group.

The National Cyber Directorate stated in response to the leaks that it has repeatedly warned that hackers are exploiting vulnerability on the Exchange email service in order to attack organizations.

The Directorate once again calls on organizations to implement in their systems the latest critical updates that Microsoft has released for this vulnerability – a simple and free update that can reduce the chance of this attack.

"Over the past few years we have heard a great deal about exposure of soldiers' details and military information at various levels of classification as a result of information security failures on various websites and applications," said cyber security consultant Einat Meyron, adding that while most of the exposures were seemingly innocent, this incident shows that there are anonymous hacker groups systematically collecting such information.

Meyron stressed that attackers aiming to impact the image of Israel, a country that sees itself as a defense and cyber security power, are patient and don't reveal all their cards at once. The cyber security consultant urged companies to take information security seriously, adding that many companies can often protect themselves with tools they already have as long as they have a correct understanding of the risks and their consequences.

The attack is the latest in a long series of cyber attacks on Israel in recent years. Earlier this month, the Hillel Yaffe Medical Center in Hadera was targeted by a ransomware attack that affected its computer systems.

Cybereason also revealed earlier this month that MalKamak, an Iranian state-supported hacker group, was running a highly targeted cyber-espionage operation against global aerospace and telecommunications companies, stealing sensitive information from targets around Israel and the Middle East, as well as in the United States, Russia and Europe. The threat posed by MalKamak is still active.

Last month, a hacker group called Deus leaked data it claims it obtained in a cyber attack on the Israeli call center service company Voicenter from the company’s customers, including 10bis, CMTrading, Mobileye, eToro, Gett and My Heritage. The data leaked so far include security camera and webcam footage, ID cards, photos, WhatsApp messages and emails, as well as recordings of phone calls.

A series of cyber attacks has plagued Israeli businesses and institutions in the past two years, including Israel Aerospace Industries, the Shirbit insurance company and the Amital software company.

The National Cyber Directorate reported that it handled more than 11,000 inquiries on its 119 hotline in 2020, some 30% more than it handled in 2019. The directorate made about 5,000 requests to entities to handle vulnerabilities exposing them to attacks and was in contact with about 1,400 entities concerning attempted or successful attacks.