Israeli cyberattack co Blue Ocean serves East Asian gov't

Blue Ocean credit: Cadya Levy
Blue Ocean credit: Cadya Levy

Blue Ocean was founded by former senior Israel Air Force officers on the basis of a deal with an East Asian country, with approval from Israel.

Exclusive: Dozens of young people descend on an ordinary looking building in central Tel Aviv's bustling Rothschild Boulevard each morning. Some arrive on foot others on electric scooters, as throughout the district. But in this very ordinary building, which houses companies, associations and several law offices - there is also one office that does not have a sign on the door. Only those who enter it will see the Blue Ocean company logo, which is hidden behind a glass door that is inaccessible to the casual visitor. The blinds in the office are also permanently closed.

Inside the space, which looks quite similar to what you will find in dozens of other startups, about 40 cyber experts work every day developing software that is exported abroad and used in daring intelligence missions. Although it is ostensibly a private cyberattack company, in reality it houses a contracting project for a country in East Asia , one of the most intriguing and secret in Israel approved by the state.

Deal with the state

Blue Ocean develops cyberattack spyware that allows security agencies to gather intelligence based on surveillance of devices of suspects and foreign intelligence organizations. Companies like NSO Group, Candiru and QuaDream, which recently closed, operate as private companies trying their luck on the free market. But Blue Ocean was founded purely on the basis of a deal with an East Asian country, with the approval of Israeli state institutions.

The company's founders are former senior officers in the Israel Air Force. Among them is Brig. Gen. (res.) Rami Ben-Efraim, the former commander of the Ramat David air base and head of manpower, and Col. Ron Tira (res.) a former pilot who served in various positions in planning air force systems. Towards the end of his service in the air force, Ben Efraim served as the military attaché in various countries in the Asia Pacific region including Singapore, Thailand, and New Zealand. After being discharged from the air force in 2017, he founded Blue Ocean together with Tira.

Subsequently Avi Rosen joined them as CEO, the former CEO of Kaymera, a cyber company founded by NSO founders Shalev Hulio and Omri Lavie to protect Trojan horses like those of NSO. Another prominent executive at Blue Ocean is David Brenner, CEO at WM - Intergrate Wealth Management, in which Tira is also a partner. One of the directors of Blue Ocean is Major General (res) Giora Eiland, the former head of the IDF Planning Division. Eilan is also on the board of Black Cube, a private surveillance agency, which has aroused controversy because of its information gathering methods.

As a company financed by foreign government funds - and not on the basis of a one-time project - Blue Ocean enjoys a type of privilege that has no equal in Israel's cyberattack industry. The company is actually freed from the need to look for customers, the number of which has dwindled after the sale and export of cyber intelligence systems was restricted by Israel's Defense Export Control Agency (DECA) to only democratic countries at the beginning of last year, under pressure from the US administration.

The US has reduced the market

Israeli cyberattack companies have put heavy pressure on the Ministry of Defense for it to ease the restrictions on them. "Globes" has learned that the ministry expressed an initial willingness to discuss relaxing sales to countries friendly to Israel that do not appear on the exemptions list. But as long as the Biden administration, and in particular Secretary of State Anthony Blinken, maintains strained relations with the Israeli government, it will be difficult for the Ministry of Defense to approve concessions.

On top of that, in March the Biden administration moved forward in its campaign against Trojan horse software and further tightened the ban on US agencies using commercial spyware for operational purposes. The move improves the position of cyberattack companies in the US, which are mostly military, and hurts Israeli cyberattack companies that are interested in working with major US intelligence agencies. The decision poses a challenge to smaller agencies such as the FBI and the Drug Enforcement Agency (DEA), which don't have advanced R&D departments and still need to purchase spyware from private companies. In the past, the FBI considered using NSO and then decided against it, according to "The New York Times."

The US administration's policy distances Israeli companies from the US in favor of American cyberattack companies, and in the process pushes Israeli companies out of the market altogether. However, the US administration is careful not to authorize US cyberattack companies - which are usually quasi-governmental - to sell their attack systems on the free market to non-democratic or semi-democratic countries as prominent Israeli companies in the field like NSO, QuaDream, Candiru and Nemesis, were used to doing, until the beginning of 2022.

A new contract in Europe

As a company that has received special security approval, Blue Ocean has profited along the way, and enjoys a type of financial immunity that other cyberattack companies operating in Israel do not have. Using intelligence spyware for diplomatic purposes is nothing new. "The New York Times" has published that Prime Minister Benjamin Netanyahu pressured the Ministry of Defense to allow NSO to return to activity in Saudi Arabia after the signing of the Abraham Accords. Even though the ministry had demanded a halt to such activities due to reports of human rights violations in the kingdom.

Estimates are that so far tens of millions of dollars have been invested in Blue Ocean and its products. The company recently signed another contract with a European country - so it wants to expand to other markets. In addition to product development, the company's executives in the Rothschild Boulevard office are involved in training in the sponsoring country and investing in the development of local cyberattack expertise.

Despite its importance to Israel's security relations, Blue Ocean is located in a prominent place in the center of Tel Aviv, its offices are not particularly secure and access to the floor where they are located is easy.

Blue Ocean and its managers declined to comment on the article.

Published by Globes, Israel business news - - on May 14, 2023.

© Copyright of Globes Publisher Itonut (1983) Ltd., 2023.

Blue Ocean credit: Cadya Levy
Blue Ocean credit: Cadya Levy
Twitter Facebook Linkedin RSS Newsletters גלובס Israel Business Conference 2018