Comprehensive coverage

Where does responsibility pass between the government and an attacked company?

This is one of the issues that the cyber headquarters in the Office of the Minister of Defense is asking the researchers of the Multidisciplinary Center for Cyber ​​Research at Tel Aviv University to solve, which held its first conference last Wednesday. The head of the center, Prof. Yitzhak Ben Israel: "From the perspective of over 20 years of working on the subject, I see that interdisciplinarity is at the heart of the cyber field" * At the new center, research proposals are awaiting from all over the university.

Data Security. Illustration: shutterstock
Data Security. Illustration: shutterstock

The hacking of Sony computers sharpens the question of where the line of responsibility lies between the state and private companies, especially those that have been attacked by states. This is one of two major issues facing the National Cyber ​​Headquarters at the Prime Minister's Office, as presented by Dr. Tal Steinherz, chief technologist at the National Cyber ​​Headquarters, at the opening conference of the Multidisciplinary Center for Cyber ​​Research at the Blavatnik Center at Tel Aviv Interdisciplinary Cyber ​​University Research Center (ICRC) held last Wednesday.

The second issue presented by Steinherz is a technological issue - how to increase security against cyber incidents on internet infrastructures that were not intended for this when they were designed.
"The government cannot replace researchers. So far, four research centers have been established, but Tel Aviv University is the first to take up the challenge and attack it not only in its technological aspect but in a multidisciplinary aspect that includes technology as well as law, psychology, international relations and more. Research in the field of cyber will greatly influence the progress of the subject but will also cause changes within the university in the connection between different disciplines.

Dr. Avitar Matanya, head of the National Cyber ​​Headquarters added, "This day is a celebration not only in establishing a common platform on problems and issues in the cyber field. Today we mark three years since the establishment of the National Cyber ​​Headquarters at the Prime Minister's Office."

"The academic activity at Tel Aviv University in general is one of the more important activities we promote. It must be a layer in the activity of the headquarters because cyber is going to have a decisive impact on the economy, industry, society, security and more. If in the past the feeling was that it was a field for young geeks, this is not the case, social and economic progress cannot be achieved without a secure center.

The president of Tel Aviv University, Prof. Yosef Klefter: "The issue of security touches on many aspects, which makes the issue interdisciplinary and attracts researchers from different faculties." We take down the partitions and connect the parts of the campus."

"Multinationalism also adds different aspects. About 10 days ago, a group from Tel Aviv University returned from India and one of the topics they discussed was cyber, and ties have already been established for collaborations between Indian industries and the university. In conclusion, Prof. Clifter thanked his donor, Len Blavatnik, who continues the tradition of donations after the large donation he gave to the School of Computer Science."

The head of the center, Prof. Yitzhak Ben-Israel says that the event is an antidote to Israeli cynicism. "The speed with which all the university officials, the lawyers, the cyber headquarters and of course the donor, Blavatnik, testifies to the importance, when five years ago no one knew what cyber was."

"From the perspective of over 20 years of dealing with the issue, even before it was called cyber, in the IDF and outside the IDF, I see that interdisciplinary is at the heart of the issue. It is a fact that the first question - who should be responsible for cyber is not a technological question. It belongs to political science, society, law and democracy. The second question is indeed a technological one: given the networks and computers that exist today, can we create a situation where communication will be secure, but without understanding all aspects of the problem, it will not be possible to choose the right technological solution."

"Researchers from all faculties of the university participate in the center except for art. The people who sit here come from the various faculties. Computer science and engineering are the core of the practice in cyber, but in the voice of the reader we also emphasized the fields that are not purely technological and mathematical. "Our center will become a world-class cyber center, which requires us to engage both in foreign relations and to strengthen our relationship with the industry."

Prof. Ran Kanti, head of the center's scientific committee detailed the process of selecting the studies to be funded by the center: "We are announcing a call for research proposals. The studies are open to all researchers from the university and their research partners from all over the world."

The proposals are divided between individual researchers who want to test specific directions, proposals of two or more researchers from the same department, and large multidisciplinary proposals. In each of the tracks, research grants will be given for periods of between one and four years.

The proposals will be classified according to academic excellence and in addition priority will be given to research that is relevant to our immediate needs today as raised by the cyber staff, the needs of industry and the needs of Israeli and human society in general with an emphasis on cross-disciplinary issues. We would like to fund research that is difficult to find funding for in the various disciplines.
The initial offers in some tracks must be submitted by January 18th and the rest by February 1st.

Finally, we will return to the two questions as detailed by Steinherz

"In whose hands is the responsibility for the integrity of the cyber systems - the government or the companies (such as Sony)? Who is responsible within the company - the security manager or the CEO (Target's CEO retired after the disclosure of the hack and the disclosure of the credit information of millions of buyers)? Is there responsibility for the NSA and its equivalents or the government?"

"It is clear that the responsibility for the computer systems lies with the commercial company because it is the core of its business, but it does not occur to us that a company can deal alone with an attack by a state. Nor will the company that was attacked be allowed to attack in response or even attempt to collect information. This is a regulatory question - what to demand from the companies and when to come to their aid is a question that needs to be closed on all its sides in legal, ethical and other aspects, and not only in the technological aspects."

"And as mentioned, the second field we want to investigate is, after all, a technological field: information security in the communication infrastructure and the Internet. When they developed and built them, the issue of information security was not a priority. These infrastructures were developed in order to optimize traffic, ease of use, but not security. The question we ask the researchers is, is it possible to increase the security of these infrastructures without destroying everything and rebuilding?"

"I hope that the new research center will be a good hotbed for both questions, brainstorming and answers. If he is led in the right way - and I know Prof. Ben Israel, he will not only be a leader in Israel but also among the leaders in the world and will contribute to all of humanity," concluded Steinherz.

18 תגובות

  1. Israel should stop being afraid of Iran and file a huge lawsuit against it for breach of contract because Iran is claiming ownership of the oil pipeline between Eilat and Ashdod, a project it has not invested in since the XNUMXs. Therefore, it has no right to criticize Israel because it did not act in good faith. It is enough to play, in my opinion, yes, we have atomic weapons - and we will not use them as long as they do not use such weapons on us. Yes, we have cyber capabilities, and we need to give the public protection so that their rights are not violated The citizen. The leadership (Bibi) should speak at the level of the poor, enough with the contempt for the people!

  2. Shulamit Aloni referred to the fact that an official wanted to drop a bomb on Iraq, but this was rejected because "we only have large bombs", probably hydrogen. The question regarding cyber is whether it is used properly, for example a prime minister who can intercept negative talkbacks - just an example. Is there Criticism of the Great Power? Regarding the effectiveness of the atomic weapon, it is doubtful because it did not prevent Saddam from launching missiles. It is a shame that there is no open discussion on the issue of the effectiveness of the atom as a weapon.

  3. Regarding an atomic bomb, apparently Israel had such a bomb in 73, and there are even claims that at one point it seemed that Israel was doomed and they put a plane in the air with a nuclear bomb for the purpose of use.

  4. Regardless of atomic or cyber. The State of Israel is a rather failed institution, it gives out payments of a current + look for me in the round. Taxes are ineffective, and in some cases insufficient. In addition to a weak deterrent on tax evasion issues. The Electric Company cannot set a rally rate to generate electricity, therefore accumulating Horrible deficits. They will be rolled out to the public. (The one who determines the electricity price is the Electricity Authority.

  5. Miracles why don't you study history? And don't threaten me, this site is managed excellently
    For Abby Belozki to publish my comments. I no longer have the patience for this.

  6. If someone really wants to contaminate Iran with nuclear radiation, then they can fire a conventional missile at a civilian nuclear reactor.

  7. Having atomic weapons did not prevent the Yom Kippur War! And whoever wants to kill hundreds of thousands of innocent citizens is a defector!

  8. Anonymous (unidentified) user
    I think the only reason Israel exists is the fear of our neighbors that we have atomic weapons. Try to maintain a culture of speech...

  9. If the cyber capabilities are not implemented then they are unnecessary. If Sony was Israeli and we wouldn't do anything why is there a cyber headquarters? Another matter seems to be that Israel has an atomic weapon, and it is unnecessary! Because only a defector will use it. This is because Israel is not a signatory to the Treaty on the Non-Proliferation of Nuclear Weapons, it hurts Israel!

  10. If the cyber headquarters knows about illegal activity, it is obliged to report it to the police. It is a shame that the police do not have representatives at the cyber headquarters. The IDF also needs representatives to respond to sabotage activities of an enemy state.

  11. Correcting typos:
    1) Instead of "the comment" you should have written "the evaluation".
    2) instead of the conjunction ""of Sony." It should be written "by Sony:" that is, the last sentence is an explanatory sentence of the sentence that preceded it.

  12. What is this nonsense! If I steal in France, the French police will arrest me. Outsourcing is an escape from responsibility, contractor workers are less efficient and more expensive! But they don't require warranty.

  13. Safkan
    Your assertion that North Korea was blamed for obfuscation is no better than what you yourself blame...

    Regardless of this case, look at homeland security - do we need the police? Why not put the responsibility on each of us? In the past it was indeed like that, there was no police and each family took care of itself. It is an unequal situation, therefore not accepted in the modern world.

    In principle you are right, but it does not help. The public is also responsible for its health, so each of us will decide which medicine is suitable for each disease, or which vaccine is recommended?

    Beyond that, do you trust the Israeli public and the embarrassing government they elected? 🙂

  14. The discussion is theoretical, because at the moment the comment is that Sony was not attacked by North Korea but by an internal employee of Sony. The mention of North Korea as the cause of the attack was made only for obfuscation.

  15. Do not understand the question.
    In a democratic country responsibility goes where the majority of the public decides it goes.

Leave a Reply

Email will not be published. Required fields are marked *

This site uses Akismat to prevent spam messages. Click here to learn how your response data is processed.