State Comptroller's report: Israel fails to protect it's security and economic interests

No plans, no manpower, no professional knowledge, and no trust from the public - this is the bleak picture that emerges from the State Comptroller's report when it comes to dealing with the online crime law enforcement system (or cybercrime).
According to estimates, in 2020 the global damage from cybercrime was about $ 6 trillion, and it is expected to reach $ 10.5 trillion by 2025. In Israel, the number of investigative cases dealing with cybercrime increased between 2016 and 2020 by about 250% to 8,821 Bags.
Despite this, more than 25% of the 36,000 cases opened by the police between 2018 and 2020 and classified as "Internet-related" were closed outright. 75% of the remaining cases were closed later, most of them (about 63%) on the grounds of an unknown offender. The handling of these cases lasted a short time of up to ten days, and most cases were closed in less than a month.
The auditor's inspection, conducted between March and August 2021, which included the police headquarters, the national cyber unit in Blade 433 and cyber divisions in the police districts, as well as completion inspections at the State Attorney's Office, the Ministry of Justice, the Ministry of Homeland Security and cyber systems. The lowest.
Thus, for example, with regard to crime in the area of ​​heresy, an area in which the economic damage it causes to the Israeli economy is estimated at hundreds of millions of dollars, it was found that the police have not formulated a plan to deal with this crime.
A staff work conducted at the police in 2020 revealed a series of failures in dealing with online fraud and deception offenses, including: "Inconsistency between districts; underreporting of online fraud offenses; inefficient and outdated handling; lack of online response to complaints; lack of uniform database and ability to analyze information; "Professional investigators; Weakness of all units in detecting real-time cybercrime phenomena; Lack of cybercrime detection technology; District fraud units focus on cases involving large-scale investigations at the expense of smaller-scale cases."
The National Cyber ​​Center (MSA) at Blade 433 operates without a detailed methodology and without appropriate technological equipment. "The commander of the national unit [addressed this matter] to Rosh Lahav several times starting in 2016, and in 2020 he even emphasized in this matter that Masa's activity is growing year by year, and the turnover of national service girls every two years could create considerable operational space in police dealing with cybercrime; Prevent professional and effective functional continuity, and impair training and organizational memory. However, his said inquiries were only partially answered. "
The comptroller further claims that the police have only professional knowledge that allows for the investigation of relatively simple cases such as phishing and sexual extortion, and that there are gaps when it comes to more sophisticated attacks. This knowledge gap connects to a significant technological gap: "There is a significant shortage of basic and advanced equipment in the cyber and technological arena units (ZIT), which is not in line with the police procurement plans for 2019 to 2020. And makes it difficult for researchers to locate and track criminal activity in the online space. In the absence of such technological means, the cyber and ZIT systems have difficulty extracting digital evidence in all incidents. "
The Comptroller adds: "The investigators do not have a written methodology for investigating criminal activity in a cloud infrastructure performed on a central infrastructure of leading platforms; or for the ability to track a multi-armed attack path involving more criminal elements than a local cybercriminal. For example, investigating an activity. "A criminal who raises the suspicion of stealing coins from a digital wallet requires a quick investigation in accordance with an orderly methodology, in order to decipher the path of the attack and return the theft to its owner."
The report further states: "The intelligence picture for 2020 revealed that the network is a space where the state has no control, and in its area it fails to protect the security and economic interests of itself and its residents, including in terms of personal security and privacy. "Although there is an intelligence and operational need to institutionalize cooperation between the police and the bodies of the defense establishment, with an emphasis on the intelligence community, there are no permanent work interfaces between the bodies."
The Comptroller also deals extensively with the activities of the Cyber ​​Unit of the State Attorney's Office for removing problematic content from social platforms, and with the activities of the administration of the courts for the removal of defamatory publications against police officers. The cyber unit operates a voluntary enforcement track, in which it addresses directly to platforms such as Facebook or Twitter and seeks to remove content that is contrary to Israeli law. As stated before, this activity is done without explicit legal authority and is based on residual authority of the government and auxiliary authority of the ombudsman.