CAESARIA, Israel — Three hackers sit in a darkened room, grey hoodies pulled over their faces and glowing computer screens lighting up the rapid typing of their fingers. Graffiti covers the walls around them quoting Anonymous and other hacking collectives.
It may be a clichéd picture of hacking today — but this Israeli company swears their hacking simulator is the best way to train modern-day corporations in how to fend off cyber attacks.
"We all come from that world, we have real life training in it — not some theoretical or academic knowledge that may or may not happen," said Ofir Hason, CEO of Cybergym, an Israeli company that celebrated its official launch Wednesday as a training area for defense against cyber attacks.
The company has already been up and running for three months, and has trained clients from Europe, the U.S., and Asia on how to protect themselves against cyberterrorism.
"People come to us from all over the world. And why should they not? We are unfortunate enough to have the most experience in this," said one of the hackers, who could not be quoted by name because of his ties to Israeli intelligence.
Israeli officials estimate that their country is subject to 10,000 unique online attacks per hour. No company undergoes more attacks than Israel Electric Corporation (IEC), the country's national electricity company which is attacked up to 20,000 times each day.
"Every day there are new attempts, new methods used to try and attack our system. That is why we understand best how to protect against them," said Gilad Yoshi, the VP of Sales and Business development at CyberGym, which partnered with IEC to develop its campus and simulator.
"Israel has a reputation for being the victim of lots of different kinds of cyber attacks," said David Fidler, cybersecurity expert and professor at the Indiana University Maurer School of Law. "They also have a reputation for developing technology to defend against it. If they are drawing from a pool of people from both the private and public sector a lot of customers are going to believe that they can deliver on the goods."
He said that as cyber attacks against the private sector grow, so do companies offering the type of services as CyberGym.
"There are companies here in the United States that are offering similar services, helping companies protect themselves. This is a problem that isn't going to go away. Cyber attacks will only increase, which creates this market space for companies to help develop corporate defenses," said Fidler. Having a background in some of the offensive cyber abilities Israel is credited with can't hurt either, he said.
"The difference between offense and defense is just a few lines of cyber code. Having access to people who are involved in developing offensive cyber capabilities would be beneficial to helping corporations understand how to defend themselves," said Fidler.
Like nearly everyone else who works at CyberGym, Yoshi and Hason have a background in Israeli intelligence and defense.
As they strolled the sprawling campus, which looks like a cross between a southern California university campus and a Midwest farm, calls came streaming in from Israeli generals and intelligence officers congratulating them on the venture. On Wednesday, Cybergym invited journalists, professionals and industry specialists to celebrate their official launch. By mid-2014, they plan to open three more campuses in Europe, Asia and Africa.
"At the end of the day, it's not a bad thing that the rest of the world thinks of us as being on the forefront of cyberwarfare and cyberterrorism. By training other companies, showing them what we — as Israelis — can do, we might deter them from trying," said one private Israeli businessman who attended the launch. "There is something to be said for the mythos of the grand Israeli military intelligence complex."
Hason said too many people believe that serious cyberattacks began with Stuxnet, the virus that targeted Iran's nuclear facilities by causing its centrifuges to spin out of control. Most people attributed the virus to Israel and the United States, though neither has taken credit. It has been called the most sophisticated cyberattacks to date.
"It took a long time to get to Stuxnet," Hason said. "For years before that, companies were preparing for that sort of attack. Stuxnet was just the first time there was a cyberattack that led to real world implications that became famous," he said. "We've learned that prevention is the key, and practice."
Practice is what CyberGym is all about. Set on a campus just a few miles away from the ancient Roman ruins of Caesarea and the headquarters of IEC, CyberGym simulates what a company would go through during an intensive online attack.
In one room — the one with graffiti and a crowded desk — are the hackers. In case you weren't sure, they wear red garlands around their necks designating them as the enemy. Just 20 feet away is a room that simulates what a company control room might look like. There is a boardroom with a drawing board, and next to it, a room filed with computers running various programs that keep everything from the company website to the electrical and water grid alive.
The hackers try to do everything in their power to bring the company down. Each training sessions is different, said the hackers, and is based on what new programs and methods they see being developed in the real world.
"Some of us learned in the army, others of us in the real world. The thing is, we live in this world, we come up with new types of attacks each day," said one of the hackers. CyberGym would not allow any of them to be identified by name as they all had sensitive intelligence backgrounds. "We tell the people that come here for training, there isn't one program, one simple antivirus thing we can give you that will solve all your problems. You have to learn to think creatively, to identify where you are vulnerable and what type of attacks will be aimed at you."
Sometimes, he said, he wonders why Israel gets all the practice it does with cyberattacks.
"I don't spend too much thinking about it though," he said, then added with a smile: "You know what they say? A good defense is a good… defense."
Sheera Frenkel is a cybersecurity correspondent for BuzzFeed News based in San Francisco. She has reported from Israel, Egypt, Jordan and across the Middle East. Her secure PGP fingerprint is 4A53 A35C 06BE 5339 E9B6 D54E 73A6 0F6A E252 A50F
Contact Sheera Frenkel at firstname.lastname@example.org.
Got a confidential tip? Submit it here.