Yitzhak Ben-Israel thinks Kim’s cyberwarriors are third-rate, U.S. missile defense is good, and the Iran deal is a keeper.
by Zev Chafets
Success, it is said, has many fathers, and that is certainly the case of Israel’s astonishing achievements in the areas of missile defense and cybersecurity.
But if anyone is entitled to claim paternity, it is Isaac Ben-Israel. As a major general, he commanded the IDF unit in charge of military R&D and as the Director of Defense R&D in the Israeli Ministry of Defense, he oversaw the creation of Israel’s cutting edge anti-missile systems. As a civilian, he became the architect of Israel’s unique cyberdefense ecosystem. Today, at 68, he heads the department of security studies at Tel Aviv University, chairs Israel’s Space Agency and its National Council for Research and Development and, in his spare time, writes influential books on high-tech military strategy and runs his own consultancy firm, RAY-TOP (Technology Opportunities) Ltd. He’s a busy man.
Last week, when I met Ben-Israel in his office at Tel Aviv University, I took a tape recorder with me. This isn’t my usual practice, but I admit to being nervous. It’s not every day that an ex-Israeli Defense Forces sergeant interviews a major general, especially when that major general is a combination Robert Oppenheimer and Batman, and the ex-sergeant barely passed high school geometry. I didn’t want to miss anything.
Ben-Israel readily agreed to being taped. I put the recorder on the desk between us and hit the on button. To my consternation, a red light began flashing. “I don’t think that’s supposed to happen,” I said.
“I don’t know either,” he said. “I never learned how to use one of those things. I can ask one of my assistants to take a look.” We both laughed, I fiddled with the recorder until the blinking stopped and began asking questions.
The New York Times recently reported that North Korea wants to become a cyberpower. Is that as dangerous as it sounds?
Not really. If it is true that North Korea has trained 6,000 computer experts in 10 years, that’s impressive. But that leaves them a long way from entering the top tier of cyberpowers.
Who’s in that class?
Cyberweapons can be either offensive or defensive. If I had to rank countries in both categories, I would say that the U.S. and Russia are first, followed by Israel, Great Britain and China, in that order. There’s a second tier, composed of countries like France, Germany and other modern democracies. North Korea, and Iran, by the way, are strictly third tier.
Why does the number of trained personnel matter? Why can’t a country like North Korea simply hire foreign hackers?
The Lone Hacker is mythology. You need networks to mount serious operations. First, you have to gather information on the target. This takes time and effort, and it is an ongoing process. You have to constantly monitor and update what you know and what the other side is doing. If your goal is to insert a Trojan virus, like Stuxnet, it must be done gradually and stealthily. According to foreign analysts, it took two years and hundreds of highly skilled operatives.
So there is no serious threat from cyberterrorists?
It can happen, but usually terrorist organizations don’t have the manpower or the patience for cyberwar. To get the effect they want (mainly in the media), it is easier and more cost-effective for them to fly a plane into a building or put a bomb in the railroad station.
How does Israel defend itself from more serious challenges?
By building an ecosystem. That is what we have done.
What does that mean?
In 2010, Prime Minister Benjamin Netanyahu charged me with creating a five-year plan national cyberdefense. The problem is, a single year is a generation in cyber. You can’t predict five generations ahead.
What you can do is to train a sufficient number of talented experts capable of dealing with the changes that inevitably develop over time. You also need to organize a flexible, integrated infrastructure that can evolve with new technology and new threats.
The prime minister agreed with my approach. Consulting with the top people in a number of related fields, I delivered 13 recommendations for creating an ecosystem. To his credit, Netanyahu fully accepted the plan, and implemented it. Without his leadership, it wouldn’t have happened.
What were some of the things you proposed?
Many involve investment in education. For example, in 2010, there wasn’t a single university in the world where you could get a bachelor’s degree in cybersecurity. Today, almost every Israeli university offers one. High school students can now major in cybersecurity and enter the army with a high level of knowledge. We’ve even begun educating elementary-school kids on the basic rules of the cyber road. As a result, I believe that Israel is number one in the world, per capita, in cultivating this sort of talent.
What are other aspects of the plan?
The business sector is also part of our ecosystem. Israel is a small country with a small domestic market. We live by exporting. Cyber is an important product, but early on we realized that it can sometimes be used as a weapon.
Selling weapons abroad requires a government license, with all the red tape that entails. When we export major systems, it is to countries or mega-corporations, and the conditions of use are negotiated contractually. It is a long process and we know exactly what the terms are.
But high-tech startups are different. They are largely funded by private investors, many from abroad, who expect a return on their investments. Our challenge was to find a way to allow these startups to flourish without allowing dangerous technology to fall into the wrong hands. And we have.
We decided to allow the export of defensive cybertechnology without the need for a government license. Offensive technology requires one.
Isn’t that a hard line to draw?
It is. Actually, nobody really knows how to draw it. So we leave it to the exporters themselves to determine if their product requires a license. This permission comes with a warning: If we catch you trying to sell offensive cyber products abroad, there will be severe legal penalties.
In other words, you want ambiguity and the burden of proof on the exporter?
Yes. I’m not sure this would work in other countries but it does for us. So far there hasn’t been a single problem. Meanwhile, Israel’s share of the global market in cyber products and services has reached 10 percent — a fivefold increase over the past five years. And I read an article in Bloomberg about six months ago estimating our share of global cyber R&D at around 20 percent. So evidently we are doing something right.
Let’s talk about another area of your expertise, missile defense. Is the American long-range missile defense system good enough to protect the United States from North Korean ballistic missiles?
That’s difficult to assess without real-life experience in battlefield conditions. That’s where weapons get debugged and improved. U.S. anti-ballistic systems have been tested in missile ranges, but not in combat situations. But it appears the U.S. has done a lot of serious, test-range work against actual missiles.
What’s your level of confidence that they will do the job?
It’s a guess on my part, but I’d say nine on a scale of 10.
North Korea also has a huge number of short-range missiles aimed at Seoul, the capital of South Korea. Israel has experience with rocket fire from Lebanon and Gaza. Is it applicable?
First, it must be remembered that North Korea has nuclear weapons. If the U.S. crosses a red line, the crazy dictator in Pyongyang could use them. Hezbollah and Hamas don’t have nuclear weapons, which is exactly why Israel doesn’t want Iran to have them.
As far as conventional short-range artillery, we have solved that technological problem with the Iron Dome. In Israel’s 2006 Lebanon War, Hezbollah fired 4,200 missiles at Israel. They killed some 80 people. We didn’t then have the Iron Dome. Nine years later, Hamas in Gaza fired 4,500, same type of rockets, and there was not a single casualty. That’s the meaning of “battle-tested.”
Will this work against North Korea?
It is a matter of scale. North Korea’s rockets are not different from those of Hamas and Hezbollah. But North Korea has a great many more. If they were to launch a massive simultaneous barrage, you’d need a sufficient number of Iron Dome batteries.
There are media reports that Israel has sold, and is selling, Iron Dome batteries to South Korea and Japan. True?
I have read that in the newspapers, the same as you.
Are there other countries that have developed their own Iron Dome?
Israel is the only one.
Let’s turn to Iran. You have been on the record as seeing the nuclear deal with Iran as good for Israel. Prime Minister Netanyahu disagrees. So does President Donald Trump, who has declined to re-certify Iranian compliance and sent the matter to Congress. Has that changed your thinking?
At present there is an international agreement that prevents Iran from having the Bomb. People may say, how can you believe Iran? The answer is, don’t believe, check! You can do it the old fashioned way, through espionage, and there are also provisions in the deal that permit constant monitoring, which will decrease over 20 years.
That is the point that Trump and Netanyahu make — that eventually Iran will be free to develop nuclear weapons.
God knows what will happen in 20 years. Let’s talk about now. Before the deal, Iran was two months away from having enough fissile material to complete their project. It had enriched uranium, not only 3.5 percent but also 19.7 percent. This was acquired despite an international sanctions regime. If the deal collapses, is it likely that more sanctions will deter Iran from resuming its project? Especially if Europe, Russian and China decline to go along with American sanctions?
So Netanyahu, and Trump, are wrong in “nix it or fix it?” approach?
They are two people who have their own opinion. In both cases, it is not shared by their professional advisers and intelligence communities.
Would you advise Congress to keep the deal intact?
I’m an Israeli. I don’t give advice to the American Congress.
Iran is aggressive. Does it pose a conventional military challenge to Israel?
Iran is an aggressive enemy, but its conventional threat (military as well as terrorism) is small given the power of Israel.
Iran wants Russia to provide it with an advanced S-400 anti-aircraft system. Would that change your calculation?
It won’t make a big difference. We have the technology to deal with it.
Final question: As president, Donald Trump has sole authority to authorize the use of nuclear weapons. Does that concern you?
The president does have the authority but he can’t just press a button. In order to launch his nuclear missiles he needs the cooperation of others. In any case, I’m not concerned. President Trump is unpredictable, unexpected, but I don’t think he’s insane.
How does Israel’s protocol for launching nuclear weapons differ from the American model?
Thank you very much for stopping by.
This column does not necessarily reflect the opinion of the editorial board or Bloomberg LP and its owners.