Network Security

Commercial Cyber ​​Products Should Be Used Responsibly, Says NCSC Executive Director

Commercial Cyber ​​Products Should Be Used Responsibly, Says NCSC Executive Director
Written by ga_dahmani
Commercial Cyber ​​Products Should Be Used Responsibly, Says NCSC Executive Director

Technology companies that develop sophisticated cyber capabilities that could be co-opted by malicious actors have a responsibility to ensure their sale is controlled and used safely. National Cyber ​​Security Center (NCSC) Executive Director Lindy Cameron will tell an audience in Annual Tel Aviv University Cyber ​​Week later today (June 28).

Calling for cooperation between institutions, tech companies and governments, Cameron will say: “If we are to keep cyberspace a safe and prosperous place for all, it is vital that such capabilities are produced and used in a way that is legal, responsible and proportionate.”

While not directly referencing the facts, Cameron’s speech comes nearly a year after already controversial Israel-based malware developer NSO Group was embroiled in a surveillance scandal after a research consortium revealed that its mobile remote access Trojan (RAT), Pegasus, had been sold to repressive regimes that used it to spy on targets in other countries, including the UK.

The Pegasus rat was linked to the murder of journalist Jamal Khashoggi by the Saudi Arabian authorities, among other things.

NSO Group subsequently became the subject of restrictions and lawsuits in several jurisdictions, and in late 2021, the Israeli Ministries of Defense and Foreign Affairs tightened the country’s export control rules for cyber technologies, although they did not mention NSO Group when they did.

“I am delighted that Israel has tightened export controls around these tools, making it that much more difficult for nations with worrying privacy and human rights records to acquire such intrusive spyware.” Cameron will say.

“It is important that all actors, from developer to end user of this type of technology and capability, act responsibly, with adequate safeguards in place to protect against misuse.”

In the future, countries interested in acquiring a cyber or intelligence system from an Israeli company are required to sign an updated statement as a condition for issuing an export license, stating that its use will be restricted to research. and prevention of crime and terrorism. Note that this may not have prevented the sale of NSO’s Pegasus malware in some circumstances, as the company has always maintained that it is being sold for exactly that purpose.

Cameron will go on to describe Israel as a “shining example” of a state that takes cyber security seriously. “The technology developed here is truly world class,” he will say. “The talent in the cybersecurity sector is second to none. And your defenses are some of the strongest in the world.

“But making the most of our digital future is too big a problem for one nation to handle alone. From drip irrigation to spectacular medical advances, Israel has always proudly innovated for the benefit of people beyond its borders. So I hope that it will continue to produce cyber security solutions that are secure, robust, but also affordable for everyone.

“To be successful, alliances are essential. Therefore, we are building stronger ties between academia, industry, and government. We must unite around our shared values, each nation bringing its own particular skills and strengths to build a network that is naturally resistant to attack, favoring innovation, discourse and creativity over control and coercion.”

Cameron’s speech will also touch on the current threat landscape, noting that even with the cyber element of Russia’s illegal invasion of Ukraine, ransomware remains the most pressing security threat.

“Just as they have done on the battlefield, Ukrainian cyber defenders have done an incredible job of repelling many of these attacks,” he will say. “They are true heroes. Resilience and preparation are at the heart of this success.

“But even with a war in Ukraine, the biggest global cyber threat facing most organizations remains ransomware. That tells you something about the scale of the problem.

“Ransomware attacks hit hard and fast. They are rapidly evolving, ubiquitous, and increasingly offered as a service by gangs, reducing the entry level into cybercrime. And this is what makes them such a pernicious threat, not only the incidents of national importance that we deal with at NCSC, but also the hundreds of incidents that we see across the country each year.

“These complex attacks have the potential to significantly affect our societies and economies, were it not for the expertise of our incident management operators working in collaboration with their counterparts in industry and international governments.”

About the author

ga_dahmani

Leave a Comment