Rafael Advanced Defense Systems is the primary contractor providing the Israeli National Cyber Bureau and National Cyber Authority with the solution for cyber threats at the national level. An exclusive interview with Ariel Karo, the head of Rafael's ISTAR Systems Directorate

Dan Arkin | 9/03/2017

"The national cyber project (CERT = Cyber Emergency Response Team) is currently Rafael's flagship project. We invest our best capabilities and people in the CERT project and National Cyber Bureau so as to come up with the best possible product. It is a revolutionary move, which has already improved, by very substantial orders of magnitude, Israel's defenses against cyberattacks," says Brig. Gen. (res.) Ariel Karo, Head of Rafael's ISTAR (Intelligence, Surveillance, Target Acquisition & Reconnaissance) Systems Directorate and formerly the IDF Chief Intelligence Officer, in an interview with Israel Defense.

Rafael Advanced Defense Systems is the primary contractor providing the national cyber authority and the National Cyber Bureau with the solution for cyber warfare threats at the national level. Many of the details regarding the CERT project and Rafael's involvement in it are still confidential, but Ariel Karo had this to say about it:

"We designed the center and we are erecting and operating it with a vision for five years ahead. Personnel recruitment, training, physical construction – Rafael is extensively involved in all of these activities from the design stage through the establishment and operation stages. For this purpose, an international coalition was established under Rafael's leadership, with EMC, IBM, Cisco and Matrix serving as subcontractors. Their role is to develop solutions that would provide Israel with cutting-edge capabilities in the field of defense and security against cyberattacks."

The solution is a unique Israeli development, based on a different concept, which combines the knowledge of innovative local startups. It would provide cyberspace security and enable the authorities in charge to thoroughly analyze the threats, adapt the methods of operation and operational tools for dealing with those threats and delivering a focused response.

What is this unique and unorthodox solution? The answer has to do with a philosophy developed by Rafael with regard to cyber warfare, which maintains that fighting a cyberattack consists of detection/identification and prevention of damage. Rafael's cyber technology specialists are willing to assume that the attackers will hack into the defending side's system. The problem is how to prevent damage once the hackers have gained access into the system.

Karo uses an analogy from the world of biology: "Even if you failed in your detection effort, you should still see to it that you do not fail in preventing the damage, like the biological model of the human body – which is full of bacteria. Even if you contracted a germ, a treatment should be found that would prevent that germ from causing damage. This is an innovative concept in the field of cybersecurity."

As far as cyber warfare damage is concerned, the people at Rafael stress that attackers are currently acquiring capabilities that only states had possessed in the past. "Cyberspace is currently the battlefield of the civilian realm. The targets being attacked include banks, critical infrastructures, insurance companies and vital installations. Consequently, the defense and security solutions must switch to a higher phase: not just products, but holistic and even hybrid solutions which incorporate more than one technology. Using off-the-shelf products that are available to anyone is dangerous, as the cyber attackers are thoroughly familiar with them."

Obviously, holistic cybernetic solutions always stem from the preliminary stage – threat analysis.
Once the threat has been analyzed and a solution has been found – that solution may be new and innovative and may also be based on existing security products. The range of products the client possesses and the new solutions produced by companies like Rafael, says Karo, are placed on the table, and by integrating all of this material you must assemble an orchestra that would play in harmony and be able to provide defense and security against cyberattacks.

Wisdom Stone

Rafael currently offers several families of cybersecurity products.

The RCDC (Rafael Cyber Defense Center) series – products designed for national-level defense with derivatives for the civilian world: large organizations, banks, civilian security organizations and so forth.

The SCADA Dome series – products designed for the SCADA world. These products provide defense and security for industrial organizations like electrical companies, large organizations and international banks. A cyberattack is no longer just a DoS (Denial of Service) incident. Today's attacks can destroy electrical power stations, cause chemical changes, disable aircraft and ships, raise or decrease pressure settings at industrial plants and cause giant boilers to explode. Karo warns that the cyber attackers "are starting to work on it". In this field of activity, Rafael can implement the way of thinking outlined above, according to which even if the attacker managed to penetrate the system, an effective solution should be activated to prevent damage. At the same time, the solution should also be cost-effective.

The Wisdom Stone series – with this series, Rafael offers a link between cyber technology and Big Data. Every organization, be it a civilian, military, intelligence or security organization, stores massive amounts of data. The amounts of data stored by the organization increase all the time.
Additionally, the increase in the scope of data also stems from the fact that more and more sources of data are added to the database (for example, unstructured data originating from the social networks). All of these elements increase the amount of data to be analyzed. The primary challenge involves the ability to manage data on scales that exceed hundreds of terabytes at very high input rates from numerous different sources and gain some value or insights from the data (data mining).

The existing databases are not equipped to store and analyze such massive amounts of data. The relatively low cost of the storage devices on the one hand and the massive amount of data coming in from an extensive range of sources on the other hand, lead to a situation where massive amounts of data are kept in storage and normally remain unanalyzed. For example, in the context of the world-famous 9/11 attack, all of the information regarding the attack had been available, but the capabilities required in order to utilize that information and provide an alert regarding the actual attack were unavailable.

Consequently, as of the end of the first decade of the 21st century, tools and resources were developed for the purpose of storing, managing and analyzing these massive amounts of data, under the general heading "Big Data". So, for example, in order to attempt to locate advance information on terrorist activities, data are being collected and correlated from an extensive range of open sources such as social media, border police systems, cellular communication traffic and so forth.

It is extremely difficult to disseminate and distribute the mountains of data and to submit relevant information to those who need it, and the cyber technology solutions must deal with these massive amounts of information and data. The secret is in improving the data/information analysis, screening and dissemination capabilities and the ability to disseminate to the users the data they actually need.

Rafael has developed a platform designated Wisdom Stone, designed to handle the massive inflow of data. This platform provides a solution for an extensive range of clients in the military and HLS markets, intelligence agencies, government organizations and major global corporations. In late 2015, Rafael signed the first major deal that incorporates their Big Data solution.

The uniqueness of the Wisdom Stone system is reflected in several aspects: multidisciplinary development, scalability, real-time capabilities, user friendliness and ergonomic design.

Multidisciplinary development – the development team consists of engineers specializing in diversified fields, who import into the project their respective specialized perspectives from such disciplines as mathematics, graphs, data fusion, statistics and other disciplines and 'attack' the same problem from multiple directions. This approach is essentially different from the standard, focused approach which does not incorporate solutions from different disciplines and consequently keeps coming up with the same results. Rafael possesses knowledge and experience in operational processes and a profound understanding of the Big Data world in the military and paramilitary contexts.

Scalability – the system may be revised and adapted according to the amount of data to be handled, the performance characteristics required and the need to analyze structured and unstructured data.

Real-time capabilities – the Wisdom Stone system by Rafael possesses unique and highly diversified real-time capabilities.

User friendliness – the system is simple to operate and does not require any special skills.

Ergonomic design – the system was designed to incorporate some unique ergonomic aspects that make life easier for the user.

One interesting bit of information: by the year 2021, the global cloud computing service market will grow by about one trillion dollars, in order to be able to accommodate the amount of data being generated.

In addition to the national CERT project, Rafael Advanced Defense Systems also extends its overseas efforts in the world of cyber technology: it has recently formed a partnership with the Brazilian giant Stefanini – Latin America's IT leader (22,000 employees). For this purpose, Rafael established a dedicated cyber technology and intelligence subsidiary, and the two companies are jointly developing cyber technology solutions for Latin America and 35 other countries. So far, some unique solutions have been developed mainly for the field of agriculture, as Latin America has a large number of giant corporations involved in agriculture on a massive scale.

http://www.israeldefense.co.il/en/node/28800