AML Intelligence
Business Intelligence on AML and Financial Crime for Executive Leaders

Cyber, Technology

In a dusty corner of Israel, hackers change cancer records to test cyber defences in the ongoing battle against bad actors

By Stephen Rae
By Stephen Rae

Publisher, AML Intelligence

This week the head of Israel’s Cyber Directorate confirmed that the agency is now beginning to look at working with the United Arab Emirates on combating cyber attacks.

The detente between the former enemies shows how in the cyber world most advanced countries face the same foes – organised crime gangs and bad State actors intent on using cyber attacks to steal and launder money.

As information technology increasingly becomes operational technology and the Internet of Things becomes the Industrial Internet of Things, it is absolutely critical that all in the financial services and banking sectors have robust cyber defences to withstand hacking from criminal and state actors.

Ahead of International Fraud Prevention Conference 2020 in Dublin where we discussed emerging cyber threats and how to combat them, I visited Beer Sheva in the south of Israel. Once a small Bedouin town in the Negev desert dependent on agriculture, now it’s Israel’s ‘cyber city’.

In a nondescript office park on the outskirts lies the home of one of Israel’s biggest exports: cyber tech.

Cyber businesses who locate here get 20pc of staff wages back in tax breaks – encouraging the likes of IBM, Dell, PwC and Deutsche Telekom among others to relocate research teams here, with close relations to the nearby university.

Of course, being outside the scope of EU privacy laws may help too, I suspect.

One of the interesting encounters was with Oleg Brodt, the R&D director of cyber at Ben Gurion University.

Brodt described how they seek out youngsters in primary school who have an aptitude for maths and nurture them all the way up to college.

We see how a 17-year-old student hacks into the 3D printer for a drone and inserts a design flaw that ensures after a few minutes of flight the drone drops out of the sky.

More frighteningly, we hear about the threats of cyber attacks on our healthcare systems.

Brodt says in 2018, clinics and hospitals were hit with numerous cyber attacks. “Attackers can alter 3D scans to remove existing or inject non-existing medical conditions,” he reveals.

Why? “An attacker may do this to remove a political candidate or leader, sabotage or falsify research, perform murder or terrorism, or hold data ransom for money,” he says.

To prove the point, students test hospital security – with the permission of one institution. Their ease of access is frightening.

While medical staff are busy, the students insert a $40 (€36) hacking device into a floor cable and, in seconds, breach the hospital’s computer system.

From the waiting room area, they are able to change the CT scan of a patient by ‘inserting’ a tumour. They also ‘remove’ a tumour from another scan, making the patient appear cancer-free.

The fake scans are so real that by “using deep learning, an attacker can fool expert radiologists and even state-of-the-art AI, 98pc of the time in the case of lung cancer”.

Similarly, hackers can change the blood type records of a patient, which would have catastrophic consequences in the event of a transfusion.

After this sobering display of the risks posed to healthcare records, a short walk brings us to another nondescript building. We are at the Israeli cyber command centre – the National Cyber Directorate.

Teams in several security operation centres attempt to stop hacking into the health, energy, banking, telecoms and transport infrastructures.

The agency operates a ‘119’ hotline where anyone can report a suspected cyber incident – which allowed advance warning of the Wannacry event.

“The most immediate technological challenge confronting Israel is to protect artificial intelligence-based vehicles from being hacked,” says Yigal Unna, the directorate’s chief.

“Artificial intelligence is the new battlefield that will accompany us in the near future,” says Unna. “The immediate challenge before us is artificial intelligence vs artificial intelligence (adversarial AI) – attempts to cause AI-based vehicles to act contrary to their programming in order to cause damage.”

He claims the body and other agencies have blocked every single cyber attack on critical infrastructure in 2019.

During the visit, local media reported 700 attempts to hack into systems at Tel Aviv Airport, as hackers tried to disrupt flights of international leaders at Holocaust memorial ceremonies.

Later, the head of the electrical company reported 11,000 attacks every second in 2019 – all foiled by cyber defences.

From a European context, what may be most applicable is the free hotline to report suspicious incidents.

The free cyber defence capabilities offered to banking and energy sectors are also relevant, along with the pipeline of technical expertise from colleges.

There is lots to learn from the agile and nimble teams here on the frontline of the cyber threat to financial services.