What can cities worldwide learn about urban network security from Israel’s technology and expertise?
As civic infrastructure has become more connected and cities have become “smarter”, safeguarding urban security increasingly involves developing and applying cyber defense technology and big data analysis. Cities also need prevention and security technology that keeps pace with a rapidly evolving threat landscape. So, what can cities learn from the Israeli approach?
Specifically, the Israeli experience shows municipal security leaders in cities throughout the world that they must ensure:
- Protection against volumetric DDoS (Distributed Denial of Service) attacks
Network Behavior Anomaly Detection (NBAD) technology should be deployed to best address the scale, diversity and fragmented nature of DDoS attacks. Israeli service providers have been targeted over the years by various threat actors trying to paralyze public networks or systems, interrupt service, or simply demonstrate their skills or malicious capabilities. The first line of defense for Israeli service providers combines several technologies. Proactive static defense using traffic shaping limits traffic to each resource's capacity and ensures that the critical infrastructure elements protecting the network, such as firewalls and routers, cannot be overwhelmed by a DDoS attack. In addition, dynamic inline DDoS protection surgically mitigates attacks when they occur without over-blocking legitimate users’ traffic. This multi-layer approach has proven to be an effective protection against major cyber-attacks such as the well-known OpIsrael DDoS attacks, coordinated and organized by the hacktivist group Anonymous against Israeli public infrastructure, communications, government agencies and major corporations. The NBAD technology has also been used internationally to protect networks and significant public services and processes. A good example is how Israeli know-how was successfully deployed in the 2015 Catalan elections to protect networks against DDoS attacks that threatened to disrupt the democratic process.
- Preventing the next WannaCry
In recent years the spread of ransomware has intensified worldwide. The majority of ransomware uses the same technique. Innocent users are first lured into accessing a compromised site or file, such as an email attachment, that inserts malware. Once downloaded to the endpoint, this malware encrypts all of the endpoint's data and demands a ransom to decrypt it. The recent WannaCry ransomware, which severely disrupted networks and business worldwide, also used this technique. It was distributed via email, compromised sites and SMB (Server Message Block, a basic Windows protocol for communicating over a LAN). Network-based anti-malware technology can effectively detect infected emails and prevent their download, as well as block access to compromised sites for millions of endpoints before any data can be encrypted.
- QoE/QoS (Quality of Experience/Service) for high priority communications and mission critical applications
The rapid spread and adoption of IoT devices brings ultra HD surveillance cameras into homes in order to make them safer and smarter. This causes a dramatic increase in both the number of devices and the network resources they consume. One consequence is the potential congestion of service providers’ networks, which raises a major challenge: how to make sure that homeland security traffic, which uses the same limited resources and requires real-time inspection, is not impacted or disturbed. Many Israeli cities use video surveillance to strengthen their security. Application awareness and traffic management identify the unique patterns of homeland security cameras vs. home cameras and other devices, in order to prioritize the most important network traffic so that it flows uninterrupted at all times. This technology is used by operators in Israel to make sure that military, law enforcement or government communications are uninterrupted and prioritized in emergencies such as terror attacks.
A combination of these approaches is crucial for any major city looking to maintain the security of its infrastructure at all times.
A version of this article was originally published in Professional Security Magazine Online.