Brits need chutzpah to copy Israeli cyberspies' tech creche – ex-spooks
GCHQ needs culture change first
Feature Israel's intelligence agency, Unit 8200, has been a production line for hi-tech startups since the 1980s, a success British politicians are now seeking to emulate. Yet replicating that success in Blighty may be hard because of cultural and environmental differences that could prove difficult to overcome.
Cabinet Office minister Francis Maude MP recently visited Israel, where, amongst other things, he met some Unit 8200 alumni. Cabinet Office spinners briefed the press soon afterwards about UK hopes of turning GCHQ into an incubator for the next generation of tech entrepreneurs.
Unit 8200 is reportedly staffed by several thousand soldiers, with a listening station in the Negev desert. Its exploits are said to include using a secret kill switch to deactivate Syrian air defences before an Israeli airstrike on a suspected nuclear reactor in September 2007, as well as a key role in developing the Stuxnet worm.
Alumni from Unit 8200 – Israel’s military intelligence unit – have gone on to found Check Point, Palo Alto Networks, and numerous successful security firms. This trend is continuing with the creation of new start-ups such as Cybereason, which aims to proactively detect and terminate malicious hacking operations before they can do any harm, and car security start-up Argus Cyber Security, among others.
Cybereason chief exec Lior Div was awarded the prestigious Medal of Honor for his work leading an elite team within Unit 8200 prior to going into business in his own right. His latest start-up, Cybereason, is marketing a cloud-based platform that allows enterprises to detect and visualise ongoing hacking and malware-based attacks.
Div left Unit 8200 after six years' service in 1991, well before the unit became famous for its purported role in putting together the infamous Stuxnet worm, the cyber-munition used to electronically sabotage centrifuges at the centre of Iran's controversial nuclear program.
The former cyberwarrior, who reached the rank of lieutenant whilst serving with the IDF, is reluctant to go into details of his work, but it involved hands-on experience in hacking as well as defending against the best hackers across the globe. Div and his team of ex-military intelligence agents have taken their knowledge of how sophisticated hacking operations work and built a new platform that will provide enterprises with an early-warning system capable of visualising, detecting and shutting down hacking operations.
Div did explain that his work within Unit 8200 involved cracking and reverse-engineering the malware and other hacking operations of adversaries. He is an expert in the fields of hacking operations, forensics, reverse engineering and malware analysis, cryptography and evasion.
"The Unit 8200 culture pushes you to limits," Div told El Reg. "The training lasts seven months and there's a test every week.
"You have to know the material. We weren't just learning software and coding but also hardware and mathematics."
Mandatory military service exists in Israel, with tech units getting the first pick. Maturity and responsibility come quite early, according to Div.
"The six years I spent there was the equivalent of a PhD or even better because it involved real world experience. I was using the knowledge I gained on a daily basis."
"Within two years I was a lieutenant managing 20 soldiers."
Yoni Heilbronn, VP Marketing at Argus Cyber Security, which specialises in the emerging field of infosec for automobiles, is another Unit 8200 alumnus.
"Experience with technology gained in [military] service is applied in private firms," Heilbronn told El Reg, adding that there are 400 companies in cyber security within Israel alone.
Israeli culture, where "necessity is the mother of invention", suits the fast-paced world of information security development.
"The country faces multiple threats, some existential," Heilbronn explained. "There is little time and scarce resources. The country fosters innovative ideas."
This culture of openness for fresh ideas extends to the IDF.
"Within the intel branch soldiers are encouraged to speak their minds and not be dogmatic," said Heilbronn.
Most Israeli conscripts are discharged after a few years, taking this attitude into the private sector. In contrast, GCHQ and NSA staff tend to work at these organisations as a long-term career, so turning GCHQ into a tech incubator will require a radical change in culture.