Since the outbreak of the coronavirus, we’ve seen a worldwide rise in cybercrime. How exposed is Israel to this phenomenon?
“We are seeing a significant rise in cybercrimes, scams, fraud, and forgery since the outbreak of the virus, but fewer crimes have been committed that involve cash since criminals have resorted to “working from home” and turned to the web. A recently conducted survey showed a spike in the volume of online crimes committed since the outbreak of Covid-19, an increase of between 40%-80% in the volume of cybercrime, while intelligence reports of fraud that were later passed on to law enforcement officials jumped to 35% (compared to 25% prior to March). However, according to law enforcement agencies, over 90% of cybercrimes go unreported.”
“We’re seeing a significant increase in forex trading platforms, and in gray market loans, which many people are pressured into turning to during these dire times. We’re also seeing a rise in fraud in the field of non-bank loans on a much larger scale. During financial crises, there is a rise in crime since people’s defenses go down, while financial institutions are engaged in keeping their bodies afloat. That is one of the reasons why we are giving corporations and the public the tools they need to better monitor these situations and wave red flags if need be.”
What types of fraud have increased?
“We’re seeing an increase in text messages that promise people loans; this is a complete scam. They require you to pay a fee of several hundred shekels to open an account in order to receive the full loan, and then they get you. These are companies that change their name every two weeks, open fake accounts with fake profiles, the money flows in, and then is rapidly withdrawn, with the individuals purchasing cryptocurrency and then vanishing. We are also seeing an increase in SIM-swapping and hacking of phone numbers, which criminals use to steal identities and empty the owner’s account. There are also sites that offer masks and medical equipment that doesn't actually exist.”
How has the shift toward working remotely affected online crime?
“We are seeing more vulnerability because there are more opportunities to attack an organization when activity is done remotely. We are also seeing a significant increase in ransomware attacks.”
After your appointment as the head of the agency in 2016, drastic changes came about. Can you elaborate?
“We formulated a multi-year plan to address these issues and within a short time we doubled and tripled our products, and became one of the leading authorities in the world in terms of effectiveness and the ability to move forward and prosecute the criminals involved. We guided law enforcement agencies on how to use financial intelligence in investigations, which yields evidence with 99% certainty. We also found money trails that led to criminals. In Israel, there isn't a single investigation with economic aspects today that has not been assisted by our authority, in cases which it didn’t initiate itself.”
The Money Laundering Authority is made up of analysts who analyze financial information that comes to the authority through sources, such as banks, insurance companies, hard change, etc. Wagman-Ratner says that offenders will never know where the information came from since it is based on intelligence, “we make sure not to be at the front, rather behind-the-scenes. But, we are responsible for the information contained in secret reports which the police then submit to the court,” she said.
“For example, one of the cases uncovered in Israel recently was discovered in part because of the authority. We found a suspicious lawyer that provided legal assistance to nearly all of the criminal organizations and helped them launder money. Unfortunately, we are witnessing many lawyers who have crossed the lines and are helping criminals stay below the radar.”
The public’s trust has shattered
During the coronavirus outbreak, actions on behalf of the Israeli Security Agency (Shin Bet) violated citizens’ privacy, it seems as though your voice wasn’t being heard.
“During the first 72 hours of the emergency, it’s true that the authority was not involved, probably because it bothered one of the higher-ups. After a lot of elbowing, we passed along an official message stating that we are against the Shin Bet and police tracing people’s personal data. I think that having a national security agency monitoring citizens is a disproportionate invasion of privacy and that many mistakes were made. There are better alternatives that don’t violate a person’s privacy on the same scale, such as the HaMagen infection tracing app. It’s true that at the end of the day, the government decided not to accept our recommendations on a certain point, but we did manage to dial down the severity of the arrangements during discussions over the bill, and the decision that was reached reduced the invasion citizens’ privacy.”
What could have been a worst-case scenario?
“There was a proposal to broaden the Israeli Security Agency’s reach, that would be extended the tracking program by six months and enshrine it into law; we firmly opposed that. We succeeded in creating a stop and go mechanism whereby every 21 days its need would be reassessed.”
Some people refuse to download the Health Ministry’s HaMagen app since they say it also infringes on their privacy.
“I completely agree with the fact that the public’s trust has been shattered, and we were also very worried. The team that designed the app explained that the information gathered and stored there isn't permanently stored anywhere. If the public will give the HaMagen app a try, the Israeli Security Agency can stop its tracking program.”
That is the goal, says Wagman-Ratner, adding that the authority has taken additional steps to include reforms that protect infringement on privacy such as monitoring coronavirus patients in hospitals, sending drones to enforce home isolation rules, and more.
Yet, one of the main issues at stake is the lack of enforcement powers.
“True. The Privacy Protection Authority lacks certain powers and enforcement capabilities such as sanctions and handing out fines. Now, the authority is limited since it can only dish out fines of up to NIS 5,000 per person and NIS 25,000 to a corporation, and that’s a joke. There is no public justification that the privacy sector remains so limited. This is why we are working toward law reform over the next 40 years.”