Abstract:Since the early 1990s, the State of Israel, ‘The Start-Up Nation’, has maintained its position as a leading powerhouse for cyber security innovation. It has been providing novel solutions, which have enhanced the robustness, resilience and security of other nations and organisations around the world, making a global impact that is non-proportional to Israel’s material size. As of today, Israeli solutions are more prevalent than ever before, protecting billions of people, sustaining the continuous supply of vital services, safeguarding governments and economic infrastructure, and ensuring the security and safety of business and individuals across the globe. The Israeli cyber security industry — relying on its skilled and creative human capital and empowered by long-standing government support and a unique synergy with the world-renowned Israeli academia — has been a key component of the local vibrant security-oriented ‘ecosystem’. It is a prosperous ground where cyber security exceptionalism and excellence can flow and thrive. As such, Israel serves as a global incubator for corporations and individual entrepreneurs alike; those that seek to tap into and embrace Israel’s unique culture, which cultivates entrepreneurship, fosters ingenuity and celebrates the audacity to undermine conventional thinking. When one reviews the ‘Six cyber threats to really worry about’ in the MIT Technology Review and focusing on the ‘ransomware in the cloud’ and the ‘cyber-physical attacks’ options, something is missing — the attacks are sure to happen, but how will they spread out? What is the most likely attack vehicle? As cyber security products are becoming better and more sophisticated, a potential attacker needs to take into account the multiple barriers that they will encounter when trying to launch a cyberattack on a certain enterprise. The attacker, though, has one great advantage; in most cases, they can run a full model of the cyber-security scheme that they will be facing. The cyber specialists that work for a cybercrime organisation live among us; they dig into the same WikiLeaks information, and take part in various conferences and expos. A resourceful cybercrime organisation can set up a complete model of their targeted victim and sandbox their attack. A resourceful attacker will not use ‘plain’ statistical attacks such as a ransomware campaign, knowing that if they target a bank or insurance company, it is most likely that they are well protected against those ‘standard’ attacks (assuming that they follow best practices for cyber security). The attacker may decide to attack an enterprise by using a counter-artificial intelligence (AI) methodology that can outwit existing AI detection algorithms. Another great attack vehicle would be through the use of manipulated hardware or firmware introduced into the organisation through an internal abuser or supply chain. As some cybercrime organisations still ‘support’ legacy crime activities, such as a silent penetration into a facility, obtaining employee extortion and basic human manipulation, ‘qualifications’ that resonate well with their goal of physical penetration into the organisation. In addition, as the use of cloud-based services becomes even more frequent, the cloud vendors themselves become the ultimate prize — the Holy Grail — if you can gain access to a regional data centre and access the data running in it, substantial gain awaits you. The cloud vendors are considered state-level targets as well, owing to fact that cloud vendors heavily guard their data; a ‘promising’ attack would be to tape-out a manipulated chip (ie, a serial peripheral interface [SPI] bus controller) that will ‘find’ its way to the motherboard later when assembled in a server supplied to a cloud vendor. This paper will familiarise the reader with Israel’s cyber security scene and its specific strong points. An analysis of 2017’s cyber security incidents will be conducted, upon which an analysis of the forecast for 2018 will try to predict what to expect in 2018. Various startup companies in Israel can shed some light of what are perceived to be the next threats.

Cyber security developments in Israel

Threats and Opportunities with AI-based Cyber Security Intrusion Detection: A Review

Cyber Security; Etiology and Importance

A Comprehensive Review of Cyber Security Vulnerabilities, Threats, Attacks, and Solutions

Mitigating the Risk of Advanced Cyber Attacks: The Role of Quality, Covertness and Intensity of Use of Cyber Weapons

Cyber Security Awareness, Knowledge and Behavior: A Comparative Study

Cyber AI Research Trends

Emerging Threats in Cyberspace: Implications for National Security Policy and Healthcare Sector

Cyber Security Threats and Countermeasures in Digital Age

ANALYSIS OF CURRENT THREATS TO THE INFORMATION SECURITY OF ORGANIZATIONSAND THE FORMATION OF THE INFORMATION PLATFORM AGAINST THEM

An In Depth Analysis of a Cyber Attack: Case Study and Security Insights

Evaluating the Security of Aircraft Systems

A Novel Approach to the Behavioral Aspects of Cybersecurity

An Analysis on Challenges Faced by cyber Security on the latest Technologies

The cyber security threat stops in the boardroom

Cyber-Security Challenges in Aviation Industry: A Review of Current and Future Trends

Cyberattacks on Energy Infrastructures as Modern War Weapons—Part I: Analysis and Motives

Dangers of succumbing to bias in cyber security : An evaluation of the impact of cognitive biases on threat assessments and cyber security strategies

Outer Space Cyberattacks: Generating Novel Scenarios to Avoid Surprise

A holistic and proactive approach to forecasting cyber threats

Dancing on the Razor’s Edge: A Foundational Review of IoT Exploitation and Defense through the Lens of TECHINT Collection