×

As nations compete to become cyber powers, the NSA is still the best, says Israeli cybersecurity chief

A window announcing the encryption of data including a requirement to pay appears on an electronic timetable display at the railway station in Chemnitz, eastern Germany, on May 12, 2017. A fast-moving wave of cyberattacks swept the globe, apparently exploiting a flaw exposed in documents leaked from the US National Security Agency.
P. Goetzelt | AFP | Getty Images
A window announcing the encryption of data including a requirement to pay appears on an electronic timetable display at the railway station in Chemnitz, eastern Germany, on May 12, 2017. A fast-moving wave of cyberattacks swept the globe, apparently exploiting a flaw exposed in documents leaked from the US National Security Agency.

Whenever there's a headline-grabbing cyberattack, Michael Shalyt, CEO and co-founder of Israeli cybersecurity start-up Aperio Systems, has his sleep interrupted. "People call me in the middle of the night, Michael, should I be afraid?" But that's mostly his friends and family.

Aperio protects large industrial systems, such as power companies, by analyzing data quality. And they tend not to panic easily. But Shalyt does acknowledge that there's a spike in business on occasions such as the WannaCry attack.

"It's one thing when I tell them: Look at these past examples, it can be done, the technology is not so sophisticated. But it's a different thing when it's on the TV, on the news. It's more convincing," says Shalyt. He's a former head of malware at Israel's major cybersecurity company Check Point and like many of his colleagues a veteran of the army's famed cyber unit 8200.

Earlier this year Aperio won the coveted prize for most innovative start-up at Tel Aviv's Cybertech conference. It positions itself as the "last line of defense" for large industrial systems and says that it, "detects artificial manipulations of industrial process data in real time."

Shalyt is not surprised by the WannaCry carnage. He will not comment on clients and specifics but it's clear that Aperio's business model is based exactly on the kind of vulnerability the WannaCry attackers have exploited: a reluctance among many large organizations, including crucial infrastructure companies to update and/or patch their systems.

"This is one of the scarier parts for me in the whole story. The things that we really rely on for electricity, water, gas supply health care, there's very little incentive there most of the time to upgrade the systems," says Shalyt.

"In power generation you see this all the time, they're very scared of touching their SCADA (control and data systems) and in general their networks and their configurations: It was working for ten years, 15 years. Why should I ever touch anything? If I screw something up, I'll have downtime in power. Do you know how much that will cost the company?"

He explains that installing Aperio is therefore completely non-intrusive and doesn't require any downtime. "Otherwise no one would actually do it."

Attacks such as WannaCry and many others are constantly going on, Shalyt notes. And chances are that systems will be breached: "We assume that the digital network will be breached and the latest attack is a good example of that. We don't trust that the systems are really secure either to external hackers or a cyber threat. We believe even a mildly motivated attacker will be able to breach your network."

Deterrence is sorely lacking at the moment, Shalyt points out. The unregulated nature of cyberspace too often makes it easy for attackers to get away with it. "You can reverse engineer their malware, you can understand everything about their activity, you can shut down their operation but still you won't catch the actual guy."

That's why he's in favor of something that Microsoft has mooted, a 'cyber Geneva convention'. There are very few success stories. And when it was successful, it was due to collaboration between different countries, different actors, between the security industry and law enforcement. I was part of one such organization and I know that if there's more collaboration it will really help in scaring off potential hackers."

Crucial infrastructure systems, in particular, will be faced with both an increasing amount of cyber-criminal activity and also have to be prepared for more sophisticated attacks from state actors, says Shalyt. "We have to be prepared for serious high technology attacks because this is critical infrastructure, very high priority targets."

Cyberspace is getting increasingly crowded with increasingly sophisticated players, notes Shalyt. Many countries are developing their capabilities and are succeeding in playing a role: "In the past ten to twenty years there was definitely a race to be a cyber power and many states are working towards that goal. The NSA is still the best in the world but you don't have to be the best in the world to be strong enough."

Even so, in terms of the cyber security industry, Shalyt says that Israel still has a definite competitive advantage. "There are very smart people in other parts of the world, that's not the issue. I think it's the ecosystem here both due to the army but also because there are already hundreds of cyber companies in Israel."

It's not so simple to build that ecosystem from scratch, notes Shalyt, although things could be different in ten years' time. "Maybe in China people who come out of their super-secret units will build something but right now I don't see that competition at the forefront."

Follow CNBC International on Twitter and Facebook.