• TECH

• news

Hackers Crackers: A Look At The Work Of Cyber ​​Researchers In The National Cyber ​​Array

"Suppressing significant attacking factors that pose a threat to the Israeli economy": The cyber system deals with protecting and maintaining the continuity of the Israeli economy, whether it is against the attacked organization, or with proactive protection against hostile state elements.

We spoke with one of the researchers who told us about the unique work

Tags

• Cyber

• technology

Mikey Levy

Monday, 24 May 2021, 00:01

• Share on Facebook

• Share on WhatsApp

• Share on general

• Share on general

• Share on Twitter

• Share on Email

0 comments

Hacker crackers: a glimpse into the work of cyber researchers in the national cyber system (Photo: Oded Karni)

"Cyber ​​researcher" is considered one of the most interesting and hot areas in the technology market today;

The ability to learn about new and sophisticated attackers and handle events in real time, makes the role dynamic, high-paced with high importance and a significant contribution to national security and civilian space.

So what is particularly interesting about the job, what do you need to do to be successful in the field and what abilities are reflected in the job?

A daily look at the role in the Operations and Intervention Division of the National Cyber ​​Array.

More on Walla!

Netflix announces its entry into the gaming world

To the full article

Over the years, the role of cyber researcher becomes particularly significant with the advancement of technology and the rise of cyber attacks.

"The researcher in the position requires experience and knowledge in network investigation, handling attack incidents, in-depth knowledge of operating systems and forensics, ability to analyze information, memory investigation, effective experience in various operating systems, experience working with recognized investigative and defense tools and programming capabilities," explains Y. Employed for about two years in the national cyber array, after nearly five years of service in the Intelligence Corps, in incident handling, information security and research positions.

"Alongside this, one should also be flexible and understand that the role is changing according to technological developments, so that researchers continue to learn new things at all times and are required to implement them quickly."

Over the years, the role of a cyber researcher has become particularly significant (Photo: Oded Karni)

"Suppressing significant attacking factors that pose a threat to the Israeli economy"

National-level cyber researchers have a vital role to play in protecting and maintaining the continuity of the economy, whether it is against the attacked organization or in proactive defense against hostile state elements. Unlike a private company, whose interest is to protect a specific organization, at the national level, the entire economy is protected from the potential for a cyber attack and especially one that may spread - an epidemic. As Y. from the lineup describes it: "The job is to handle and assist organizations in dealing with attacks. The work includes connecting to various organizations, learning the nature of the work in them and the ability to conduct an investigation according to limitations. Among other events, network investigation is required. "Solutions for gathering and identifying, gathering a lot of information and dealing with officials in the organization, all in order to stop significant attacking factors that pose a threat to the Israeli economy." In the national cyber system, they face a variety of attackers, including state enemies, who try to harm the economy and state assets. "The goal in the end is to protect civilian space from the spread of the attack, and from causing significant damage. "

"Many times it is really an online war against the other side until the final stop"

The touch of the national cyber system in various and diverse sectors of the economy allows cyber researchers to be exposed every day to innovative attack and groundbreaking methods of action. As Y. explains from the set-up: "The methods of action of the attackers are very diverse, so that any investigation or treatment I carry out, necessarily allows me to innovate something for the Israeli cyber community as well as for partners in Israel and even in the world." The investigator's job is to pave the right path that will block the event and prevent a repeat attack: "Many times it is actually an online war against the other side until the final stop. I start the investigation by checking which points in the way the left attacker, the crumbs, without knowing what part it is in the puzzle. "There is still an active attack in front of me. You know you have a puzzle, and you have to solve the puzzle, starting with the first crumb. Sometimes the findings are clear and immediate and sometimes the work continues and the attacker is looking for up-to-date ways to regain control of the organization."

What does it take to work in this role?

According to Y. "A big head. It is impossible to think small and do the job, you have to learn and improve your abilities at all times. At the end of the day the quality of care will determine the organization's ability to deal with the attack and even affect the resilience of the entire civic space. "Solve end-to-end problems independently. The researcher must have high analytical and research skills and the ability to stand and work with clients."

"You can't think small and get the job done" (Photo: Oded Karni)

The National Cyber ​​Network is currently recruiting cyber researchers, analysts and other jobs in the field.

According to Erez Chernovitz, Senior Vice President of Management and Human Resources at the National Cyber ​​System, "The work in the system is at a faster pace than is known in the public service.

We offer a high-tech environment, a daily challenge, exposure to the national situation and unique information in the field, operationality and security work with a sense of contribution to the country.

In order to adapt to the competitive and hot market in the field, we have recently adapted the recruitment routes to a unique process that shortens the ranges in the selection and acceptance of employees, even more than other security bodies, and we offer favorable employment conditions and unique routes for cyber personnel. "

A., a cyber researcher for two years in the system, is responsible for the technological treatment of cyber incidents in the attacked bodies - conducting a forensic investigation in the body network, accompanying the entire process from the moment of contact until the end of treatment.

Has a background in forensic investigations from an IDF intelligence unit.

"The main role is to conduct an investigation into the attacked body" (Photo: Oded Karni)

"The main job is to conduct an investigation into the attacked body. Usually, the treatment begins with an initial dialogue with the body in order to obtain general information about the nature of the company and its network structure - all with consent and without entering the company's own systems. From the organization and then formulating a plan to remove the suspicious findings that arose as part of the online investigation activity. Raising walls. "

"What interests me most about the role is the ability to track an attacker's behavior, understand and investigate the logs of computer operations. Most often we see that the attacker enters through a common vulnerability released shortly before and already has a security update. That is, if the organization implements the security update "In time, it is likely that the attack would have been avoided. It is even more interesting to see the attacker's occurrence in the body and identify his interest in the same company. We have the ability to invest many investigative resources over time, so the ability to deal with significant threats is deep and comprehensive."

• Share on Facebook

• Share on WhatsApp

• Share on general

• Share on general

• Share on Twitter

• Share on Email

0 comments