The following is the transcript of an interview from November 13, 2024, with Alon Yaffe, Lead Solutions Architect at MazeBolt on the Hebrew-language program The Color of Money, with Yair Weinreb.
DDoS Attacks Result from Vulnerabilities in DDoS Protections
QUESTION: Iran threatened Israel with a cyberattack – expected to take place within the next 48 hours, if you take their threats seriously. We’ve heard that Israel’s banks and financial institutions are well prepared for these types of attacks. Is the risk more substantive now than it’s been until this point?
ANSWER: We’re experiencing a surge of increasingly dangerous cybersecurity threats at present. We are seeing that some hacking groups have shifted their focus: from targeting the US, Europe, the UAE, etc., to targeting us in Israel.
It’s important for me to preface this by saying that the type of attacks that cause us the most damage – by us, I mean the citizens and businesses in Israel – are distributed denial of service (DDoS) attacks. We saw this in the last 2 weeks – for example, with the DDoS attacks on SHVA, Hyp, and Bit.
Our degree of vulnerability – how exposed we are to these attacks – is the result of incorrect usage of DDoS protection solutions. There are suppliers and companies with DDoS protection solutions that are excellent; some of them are Israeli, while some are international. Their technology is first rate, but broadly speaking, in most cases it is not being used accurately.
I say this based on the experience of our company, MazeBolt. We are pioneers in this area. We are the only company in the world that provides this type of visibility – providing guidance on the correct configuration, and without damaging business operations.
Taking a More Proactive Approach
QUESTION: As private individuals, is there anything we can do? Or perhaps we aren’t the real target – the target is the large organizations? Of course, if the big organizations are hit, we are also hit. How does this relate to our use of WhatsApp, Facebook, Telegram, etc.?
ANSWER: At the end of the day, the hackers’ goal is to cause us damage. But to reach us, they need to first hit the service providers. As you said: Facebook, Bit, Paybox – everything we use, including governmental services.
I believe that, as citizens, we need to change the current situation. We need to create a new situation in which those who are responsible for Israeli cybersecurity take a more proactive approach. What does that mean? Not to sit and wait for an attack to happen, and then respond to it. Because that means that we all suffer. It takes at least a few hours to recover, as we saw just two days ago.
Mitigating the Risk Requires Preparation
QUESTION: And you don’t think that our businesses are protected? The government offices, and the banks – they are not sufficiently protected, in your opinion?
ANSWER: It’s a good question. The truth is, a few days ago I heard an interview on one of the radio programs. Someone was interviewed from the Israel National Cyber Directorate. He had this approach of, “Look, these attacks aren’t particularly sophisticated. They are powerful but it’s not serious – it’s child’s play.” That is to say, they are adopting an old approach – one that claims that DDoS attacks are child’s play. Claiming that they don’t require advanced preparation for defense – is simply not correct. We see this all over the world.
To learn more about how to mitigate the risk of DDoS attacks, speak with an expert.
