It is said that the battlefield of the next war will be in the cyber field, and its results, even if no bombs are caused, may be just as terrible. But cyber, hacks to steal information and “virtual attacks” are only the tip of the iceberg. Not long ago it was announced in the English media that a record number of energy thefts (electricity and water) were recorded throughout the country. A closer look at the data shows that this is a growing problem, especially in the midst of an energy crisis in Europe that is growing as a result of the war in Ukraine.
Home Office figures show that police forces across England received 3,600 reports of “illegal use of electricity” by March of this year – a 13% increase, compared to 2020-21, and the highest figure since similar records began in 2012-13. About 1,100 of them occurred between January and March – almost double the number recorded during that period in 2018-19 and 2019-20.
Who will pay?
The losses caused worldwide as a result of what is known as energy theft amount to 96 billion dollars per year. This is a serious problem that causes the paralysis of leading companies in the world, a significant increase in prices for paying customers, and sometimes even requires expensive government subsidies.
The Israeli start-up company NanoLock Security (NanoLock Security) from Hod Hasharon found a solution to the problem. The company has developed software that protects end components from cyber attacks and energy theft by a unique patent. The startup helps companies as well as governments and various organizations to protect their smart meters as well, and prevent energy leakage.
The company was established in 2016 by a number of partners, including the CEO Eran Payne, veterans of the Israeli security establishment (Tamir Pardo, the former head of the Mossad, joined the company about a year ago). Almost a year ago, the company raised 11 million dollars in a second fundraising round, and a total of 18 million dollar.
“We are a company that protects critical infrastructures from outside attackers – Chinese, Iranian, Russian – but also from inside attackers,” explains the company’s CEO Eran Fein. Assaults from a distance. A few months ago news was published that Hamas tried to recruit workers in Israeli infrastructures. Think they would try to recruit workers in critical infrastructures such as water, electricity, and the enemy is already inside.”
Do you see an intensification in this issue of stealing energy and essential resources, precisely at a time when in most European countries there is almost no heating for that matter?
“All this is intensifying now because there are two crises that are intensifying into a big storm. One – the food crisis and the other – the energy crisis and they are quite similar in meaning. The energy crisis is derived from the fact that energy is used as political or economic or military leverage, that is, more energy, less energy in a period of Winter is a political factor and it creates a situation in which various bodies have the motivation to produce cyber attacks.”
The meaning is that if a cyber attack is carried out on gas infrastructure in a country that already has less gas, will it be possible to extract more political concessions from it?
“Exactly. And if I attack financially in addition to this action, I can achieve financial achievements, simply because the situation is a critical situation in its being.”
Payne explains that not all energy thefts are necessarily cyber attacks. “Sometimes it’s people in Mexico and Brazil who throw away a cable. If you read studies on energy theft, you’ll see that people throw away a cable in a third world, and not everything is sophisticated. But if I’ve already thrown such a cable, I can just as well convince one of the workers to do a manipulation, which will lower the reading in 30%, and then I can make money from it. In the same way, you can also cut off the electricity. Two years ago there was an attack in India where 30 thousand homes were cut off from electricity.”
One of the people who lead Nanoloc’s activities in the industrial cyber world is Col. (ret.) Moti Kanias, vice president of strategy at the company, who after a long service in leading positions in the defense system joined the company a few months ago. to our network, sometimes only due to human error”, explains Kanias, “our solution is actually locking sensitive areas by software, where it is impossible to make a change without another security wall”.
And how does all this have to do with Israel, is this something that happens here too?
Payne: “The situation in Israel is speculation, we don’t really know. We are a start-up nation and an excellent cyber nation, but we also have to remember that Israel naturally has more potential for attacks from within, due to the demographic structure of the State of Israel. We are very good at protecting ourselves from outside attackers , the Iranian that is taking over, but we are much more sensitive to attacks from within. We always have to be ultra-Orthodox, especially in our water infrastructures.”
Poisoning wells
Kanias: “Our infrastructures also received quite a few blows. Admittedly not ones that caused dramatic damage, but ones that mainly made us understand the cyber defense gaps that exist. This story with Hamas is a good example. What was published was that Hamas’s infrastructure tried to change configurations that were supposed to change the level of Chlorine in the water. Because it is a known enemy, they were able to locate and handle this incident properly, but apart from them, the Iranians are also constantly trying to escalate in similar patterns more than once. According to their world view, cyber activity is below the escalation threshold because it is not a car bomb or missiles. The cyber capabilities Ours are very strong, but not at any cost and not in every product deployed in the field, so a lot of hard work by the security services and strong technology are required to close this gap.”
How is it different from a firewall or antivirus for that matter?
Kanias: “Our development is based on a concept where there is “zero trust”, which focuses on protecting the action itself that you want or are trying to perform. This is different from horizontal protection actions that protect the entire network.”
Payne: “Someone comes in, gives an order like, for example, “Put 500 times chlorine”. But we require proof that this order is real, like an additional electronic signature from another entity that is not you. This means that we give technological permission to the customer in which the order and not the person or the network needs be signed. This adds another layer of security, in which we do not trust, neither the machine nor the person who wrote the same command.”
A form of user identification only with an additional layer.
“If you look at user identification, you assume that the person you let in is a good and positive person, but this is not always the case. And Israel, for example, is not always good at this. There should be very orderly protocols of who is allowed to enter, where no one trusts No one, but we are not good at access control management. Who hasn’t once had permission to log in with a username and password to someone, even at work? And here we have already violated a cyber protocol. Here we are not doing user identification, but action identification.”
And how in our era did such a solution not exist in the world?
Payne: “We didn’t invent the wheel, we just did something very well. The working assumption of the current solutions is that we will recognize who you are, look at the network, see if there is randomness, if we recognize patterns in the network. The downside to this is twofold: until you recognize the hack The horse has already run away from the stable. It’s detection versus prevention. Another disadvantage of what has been up until now – there are many facilities that are not connected to the network, and can still do enormous damage, so there was a limitation and an additional patent was required.”
The company’s clients are mostly international, ranging from energy, water, electricity and gas companies to companies that produce infrastructural food or those to which an attack could cause infrastructural damage. Customers whose factories are located in more than one country, etc. To the question of whether we private individuals will also have to protect ourselves in this way one day, Payne says that at the moment it is far away. “The potential for damage to private individuals in such cases is not huge. The damage potential for private individuals is mainly information theft, and it’s about other worlds, but medium and small companies will also need this at least in the future, and not just large companies with multiple infrastructures and plants.”
Moti Kanias (Photo: Courtesy of Nanoloc)I won’t pay a reasonable ransom for stealing energy, so attacking the electricity and water company makes more sense.
“And the oil that has been poured on the fire today is the events in Ukraine and the harsh winter. The other oil is the economic crisis and the ability of cyber attackers to carry out more and more attacks.”
Kanias: “It must be remembered that it is difficult to predict what countries will encounter in future wars, and what will certainly result is that if once a standard war was based on kinetic weapon bombs and dropped weapons, it must be remembered that there are personnel who do cyber warfare. More people are joining the circle of combat and adding another dimension to the kinetic dimensions we are familiar with. in our normal wars”.
How much is the awareness of the issue increasing these days?
Payne: “It is not enough in media awareness. We have Israeli clients, but most of our clients are international. It is not a huge market. There is a great awareness of cyber protection, but in this case it was easier for us to convince large international entities, mainly because one of our advantages It’s that we’re doing something a little different, and most Israeli cyber is focused on networks.”