Exclusive: Navy’s cyber warriors in technological arms race with Israel's foes

"From our perspective, the threat is always lurking on our perimeters – these are ‘borders’ made up of cables,” says a senior navy source.

APRIL 28, 2015 01:08

Operators in the Israel Navy cyber control room (photo credit: IDF SPOKESPERSON'S UNIT) — Operators in the Israel Navy cyber control room

(photo credit: IDF SPOKESPERSON'S UNIT)

The Israel Navy’s cyber warriors are engaged in an intensive and rapidly developing technological arms race with hostile entities seeking to attack naval digital networks, a senior navy source recently told The Jerusalem Post.

The source, an officer from the navy’s Information Systems, Processes, and Computerization unit, known by its Hebrew acronym MAMTAM, said that the navy’s extensive and highly advanced command and control networks and electronic infrastructure must be protected at all times, if the branch is to carry out key functions for national security.

“Today, all of our systems are based on computerization and databases. We have to bring things that are in the office out to sea and link the sea to the ground command room. Today, our linkage is much faster than in the past,” the source said.

Yet, he warned, just one weak link can compromise the entire network, and that is where the navy’s in-house cyber defenses come in.

“We are not just IT; we also deal with IP [Internet Provider] networks. We need cyber defenses, as does the C4i Branch, Military Intelligence, and Israel Air Force,” he added.

Without defensible networks, navy ships cannot monitor vessels for a prolonged period at sea, for example.

“We have to be able to be there for a long time and enable the transmission of data. A navy commander in the control room will want this data flowing to the coast. The navy commander who speaks to the IDF chief of staff from far away – this is a technological event,” the officer explained.

During conflicts, the navy would be hard-pressed without sufficient cyber security to send and receive huge amounts of data enabling it to cooperate fully with the ground forces and air force in monitoring and destroying enemy targets.

The source compared naval cyber security to the guarding of physical fences. But in the virtual sphere, “no one knows where the fence begins and ends,” he said.

Threats include the potential for hackers to steal intelligence and subvert command networks.

“Every IDF branch has its own fence, its network that it has to defend. Some sections are more exposed than others,” the source added. “The enemy is developing rapidly. An attacker could be a state or a lone hacker. He could be affiliated or unaffiliated but be sympathetic to an enemy, while sitting in a friendly state, far away. He can attack us from the other side of the world.”

The ability of hackers to cause damage is on the rise, and a technological arms race is under way, the officer said.

In the event of a devastating cyber attack, “we could go back to working with paper and pencil. However, we do not want to do this. Our goal is to maintain technological continuity.”

To that end, the navy has built up cyber defenses that operate at all times, against generic and unique threats.

“We have cyber warriors,” the source said. “They know our C4i patterns and supply a defensive system, while being able to identify any anomaly in the system. They can identify an effort by an enemy to infiltrate our systems, an effort that will not be accompanied by an announcement. From our perspective, the threat is always lurking on our perimeters – these are ‘borders’ made up of cables.”

The moment a threat is identified, the naval cyber operators must go into action. This means knowing “when someone touches the fence, and knowing this on time. It means being able to investigate, block and neutralize. We have a cyber control room for the navy,” the source said.

The navy witnessed a rise in the number of attempts to conduct cyber attacks against it during Operation Protective Edge last summer.

“We were prepared. Yet we saw the technology they used. This has prompted an arms race on our side. The navy understands that cyber conflicts are wars in their own right, beyond conventional conflicts that we have grown accustomed to. In cyber war, one can engage without firing a single bullet. Attacks can come before a conventional war. There are no official cease-fires. It goes on all of the time.”

The alertness of operators and competent sensors that deliver warnings are essential tools in this fight. “Otherwise, operators could class all alerts as junk. Yet [the operator] must know that one alert could be real, and [must] identify it. This is not simple. We have developed supportive systems that help filter out the alerts.”

The Information Systems, Processes, and Computerization unit is the navy’s in-house programming body, and it is made up of three branches: technology, operations and industry, and cyber.

To be accepted cadets must pass a demanding test course, which is as stringent as other military entry programs. All segments of the population are represented in the unit, including haredi members and volunteers.

“They come back after two to three years as different people,” the source said. “We see that young people come with a lot of technological hunger and dreams. They went from being enablers to actual creators of reality. Now, when a control room receives visual images from various angles, from the sea, land and air, this creates a new combat reality.”

At any given time, the navy’s networks are packed with data flowing through it. It must be analyzed, filtered, and the remaining “gems” of information delivered to the right end users in very little time.

“We are dealing with big data, and we have to be on the lookout for the golden piece of information that will save the next operation,” said the source.

The unit’s formation dates back to 2000, when the navy had to replace many of its systems due to the predicted Y2K computer bugInstead of replacing what the officer described as a “spaghetti of connections,” the navy opted instead to create a singular, energy resource planning (ERP), integrated system.

This flagship event gave birth to the current unit, and the navy was “15 years ahead of its time” in switching over to ERP, said the officer. Integrated systems eventually spread throughout the whole of the IDF.

“We saw that civilian processes can be recreated in the military. There is no difference between running a factory and a shipyard. There is no difference between upgrading a car and a naval vessel,” said the officer.

In addition to economic savings, the ERP system set in motion a fundamental concept in the IDF, the source said. It allowed computerized networks to manage whole operations rather than just logistics and personnel.

Fourteen years later, when the IDF launched Operation Protective Edge last summer to stem Gazan rocket fire on the South, the IDF had made the switch to network- based warfare.

This allowed an infantry battalion commander to send the precise coordinates of an enemy target to a missile ship in the Mediterranean Sea, off the Gaza coast. The ship’s guided missile destroyed the target.

“The result is a new sea-based front that we created,” the source said. “All I have to know is the coordinates. This enables me to provide immediate firepower assistance. The battalion commander sends over what he sees. We bring our capabilities to the battle arena. We share visual intelligence,” he said.

The officer said the navy is not resting on its laurels. As new operational needs arise, the naval engineers offer an initial solution within 24 hours.

“Our ‘clients’ want operational responses. This used to take months to do. Now, we are looking at 24-hour to 48-hour delivery,” he said. “If, in the past, we understood new needs after combat, then went back to the drawing board and came up with updated versions, in the last conflict we did this as we fought.”

“The enemy in Gaza has understood that we form a new western [sea-based] front,” he added. This forced Hamas to take new kinds of evasive action during the summer war. “The fact is that we could keep vessels operating continuously, instead of bringing them back. They remained at sea throughout the entire war. This was not a simple technological feat,” said the officer.

All of these new capabilities, he stressed, are based on the ability to swiftly deal with huge amounts of information, which must flow freely from the coast to the sea and back, through various bandwidths.

“We developed a much faster data delivery and filtering ability. One of our big advantages is that we developed this in-house. We kept the knowledge at home, meaning that our ability to change our systems is immediate,” said the source.

The same networks allow the navy to send and receive visual intelligence over very long distances – even thousands of kilometers – from the command room.

“We have to think about the future,” the officer said. “We understand that science fiction is here.”

Exclusive: Navy’s cyber warriors in technological arms race with Israel's foes

"From our perspective, the threat is always lurking on our perimeters – these are ‘borders’ made up of cables,” says a senior navy source.

Clip of Hersh Goldberg-Polin evokes joy and heartbreak throughout the country

We must get US masses to care about Israel

Passover as a reminder we must win war, stop national divisions and build a future

The masks have come off at Columbia: Students turning on Jewish peers

Melanie Philips: A voice on the Right and valued Israel advocate