Israel’s Electric Company Leads in Cyber Defense

By Noga Tarnopolsky | The Media Line

January 27, 2016

The Israel Electric Corporation's cyber ninja, Yosi Shneck
The Israel Electric Corporation's cyber ninja, Yosi Shneck

Plus, CyberGym is a good place for your material assets to work out.

[Tel Aviv] Politicians are funny people. Just ask Yosi Shneck, the man responsible for cyber security at the Israel Electric Corporation, the state owned monopoly that handles all of Israel’s electric needs, from production to distribution.

There he was on day one of CyberTech2016, the annual Tel Aviv extravaganza that bills itself the top cyber technology event in the region, possibly beyond, with 11,000 participants milling about, when Yuval Steinitz, Israel’s Minister of National Infrastructure, Energy and Water Resources and a close ally of Prime Minister Benjamin Netanyahu stole his thunder.

That is, if the elegant, circumspect Mr. Shneck were the thundering type.

At the end of the exhibition’s first day, Steinitz announced that Israel had succeeded in thwarting a “severe cyber-attack’ in the past week. Steinitz said the Israeli electric authority managed to frustrate the attack by “shutting down systems to prevent a virus from spreading.”

He  specified that the attack– discovered only one day earlier – was being “handled” by his ministry, together with Israel’s National Cyber Bureau, which is part of the prime minister’s office.

Somehow, Israel’s Electric Corporation (IEC) escaped his mention. “The virus was already identified and the right software was already prepared to neutralize it,” he told the conference, as if tantalizing them with the latest installment of a Millenium thriller.

“We had to paralyze many of the computers of the Israeli electricity authorities. We are handling the situation and I hope that soon, this very serious event will be over.”

The attack, he went on to explain, was no more than another example of “the sensitivity of infrastructure to cyber-attacks, and the importance of preparing ourselves in order to defend ourselves against such attacks.”

“Steinitz did not identify the attackers, or say whether his ministry had any suspects,” the Israeli daily Haaretz reported, adding that a spokeswoman for the Electricity Authority confirmed there had been such an attack, and that, as a consequence, some of the authorities’ computer system had indeed been shut down —for two days.

How it was possible to shut down a system for two days when the flaw had been discovered only a single day ago was not made clear. To Haaretz, the spokeswoman added that she believed “we are going to solve this problem in the coming hours.”

Meanwhile, Shneck, the man actually in charge, had a very different, more complex story to tell.

Interviewed by The Media Line, Shneck said that Israel’s most recent close call was actually no virus but an attack of ransom malware, the sort that attempts to encrypt files on a system’s drive, which then can become difficult or impossible to decrypt without paying a ransom for the encryption key.

This occurred, he said, “in recent months.”

The attempt “failed completely,” he said, but “it was the closest we have suffered in the past months or so.”

Did he know where the malware originated? “Maybe I know, but I cannot answer that,” he responded quietly, with a rakish smile.


The IEC is responsible for the electrical requirements of all of Israel and much of Palestine, comprising some 12 million people. It is a prime target for cyber-based evildoers the world over.

Shneck said his company faces between 4 to 20 million threatening cyber “events” in an average month. The figure is so elevated “because we are an island,” Shneck said, referring to Israel’s geographic isolation, and because of the potential for “terrible damage to our country.”

On the up side, the company is known the world over for its expertise in foiling catastrophic cyber events.

The IEC is half owner of a CyberGym,  a firm co-owned with the company CyberControl, that offers clients the virtual (but not really virtual) experience of defending themselves against attacks. In lay terms, CyberGym copies the client company’s information technology (IT) system, installs it in its own facilities in central Israel, and hires hackers and malware troublemakers to try to attack the system—which the employees on this strange international high-stakes reenactment field trip can then battle.

Maor Sorero, a CyberGym training developer, said the firm, which is three years old, had already hosted clients “from all corners of the world,” and that on CyberTech’s first day he had been approached by potential customers from Asia, the United States and South American, mostly.

Among those milling about, Andy Pascoe, a Torontonian in business development, commented that “very few places” have the facilities or the experience that CyberGym offers. He did not seem to think the idea of an international jaunt to play-act cyber defense was far-fetched.

Pascoe was chuckling about the fact that at CyberTech, of all places, the WiFi had collapsed (11,000 users proved too much for the exhibition grounds’ infrastructure and about Israelis’ reaction to the weather, where it was a blustery 37 degrees or so, a chill that causes local nerves to fray. “This is balmy,” Pascoe joked.

The IEC does not operate according to a standard model, with “layers” of firewalls and detection systems. Instead, “we work on a model called ‘cyber everywhere,’ Shneck said, “we see in every activity a possible environment to use as a possible cyber-attack environment. Everything moving in the company, we see as a possible cyber platform.”

“It is not a system so much as a methodology comprised of some proprietary hardware and some standard commercial systems, integrated,” he explained.

A full-time team of 100 experts work on Shneck’s team, with support from a similar number who work on cyber threats part time.

He did not mention Steinitz’s virus, but explained his philosophy, which is that “any event can develop into a very dangerous thing. We have some events in our company that if not treated properly and with super professionality and understanding they could end with a huge crisis in the company and in Israel.”

As expected of a man who believes that any event could quickly turn cataclysmic, Shneck is not a big sleeper. “Three hours out of every twenty-four,” he says, with good cheer. “It’s because I am so worried all the time that I am not sleeping.”

“More than ten” foreign utility companies are currently in negotiation to purchase the IEC’s integrated method.

Print Friendly