Commercial cyber products must be used responsibly, says NCSC CEO

NCSC’s Lindy Cameron is to speak out on responsible regulation of cyber capabilities at an event in Tel Aviv, Israel

Tech companies that develop sophisticated cyber capabilities that could be co-opted by malicious actors have a responsibility to see that their sale is controlled and that they are used safely, National Cyber Security Centre (NCSC) CEO Lindy Cameron will tell an audience at Tel Aviv University’s annual Cyber Week later today (28 June).

Calling for cooperation between institutions, technology companies and governments, Cameron will say: “If we’re going to maintain a cyber space which is a safe and prosperous place for everyone, it is vital that such capabilities are produced and used in a way that is legal, responsible and proportionate.” 

Although it does not reference the events directly, Cameron's speech comes almost a year after the already-controversial Israel-based malware developer NSO Group became embroiled in a surveillance scandal after an investigative consortium revealed that its mobile remote access trojan (RAT), Pegasus, had been sold to repressive regimes that used it to spy on targets in other countries, including the UK.

The Pegasus RAT was linked to the murder of journalist Jamal Khashoggi by the Saudi Arabian authorities, among other things.

NSO Group has subsequently become the subject of restrictions and lawsuits in a number of jurisdictions, and at the end of 2021, the Israeli Ministries of Defence and Foreign Affairs tightened the country’s export control rules for cyber technologies, although they made no mention of NSO Group as they did so.

“I am delighted that Israel has tightened export controls around these tools, making it far more difficult for nations with concerning records on privacy and human rights to acquire such intrusive spyware,” Cameron will say.

“It is important that every actor, from the developer to the end-user of these types of technology and capability acts responsibly, with appropriate safeguards to protect against misuse.” 

Going forward, countries interested in acquiring a cyber or intelligence system from an Israeli company are obliged to sign an updated declaration as a condition for issuing an export licence, stating that its use will be restricted to the investigation and prevention of crime and terrorism. Note that this may not have prevented the sale of NSO’s Pegasus malware in some circumstances, as the company has always maintained that it is sold for exactly that purpose.

Cameron will go on to describe Israel as a “shining example” of a state that takes cyber security seriously. “The technology developed here is truly world class,” she will say. “The talent in the cyber security sector is second to none. And your defences are some of the strongest in the world.

“But making the most of our digital future is too big an issue for any one nation to handle alone. From drip-feed irrigation to dramatic medical advances, Israel has always proudly innovated for the benefit of people well beyond your borders. So I hope you will continue to produce cyber security solutions which are safe, strong, but also affordable for the whole world.

“To succeed, partnerships are essential. So, we are building stronger ties between academia, industry and government. We must come together around our shared values, each nation bringing its own particular skills and strengths to build a network that is naturally resilient to attack, one that favours innovation, discourse and creativity over control and coercion.”

Cameron’s speech will also touch on the current threat landscape, noting that even with the cyber element of Russia’s illegal invasion of Ukraine, it is ransomware that remains the most pressing security threat.

“Just as they have on the battlefield, the Ukrainian cyber defenders have done an incredible job of repelling many of these attacks,” she will say. “They are real heroes. Resilience and preparation is at the heart of this success.

“But even with a war raging in Ukraine, the biggest global cyber threat most organisations face is still ransomware. That tells you something of the scale of the problem.

“Ransomware attacks strike hard and fast. They are evolving rapidly, are all-pervasive, and are increasingly offered by gangs as a service, lowering the bar for entry into cyber crime. And it is this that makes them such a pernicious threat – not just the nationally significant incidents we deal with in NCSC, but also the hundreds of incidents we see nationwide every year. 

“These complex attacks have the potential to affect our societies and economies significantly, were it not for the expertise of our incident management operators working in collaboration with their counterparts in industry and international governments.”
