IDF cyber warfare room.
(photo credit: Courtesy IDF)
Reports of an elaborate and extensive Iranian online espionage network, which may have tracked hundreds of high-value targets with the help of fictitious social media accounts, should come as no surprise.
The purpose of a state-sponsored online espionage network is usually not only to gather information but also to use that information to prepare cyber attacks. Due to the resources at their disposal, governments can develop cyber-attack capabilities many times more powerful than other types of hackers.
As Esti Peshin, a former senior member of Unit 8200 of Military Intelligence and currently head of the Cyber Program Section at Israel Aerospace Industries’ Elta subsidiary, told The Jerusalem Post last year, “Attackers must know the structure of the network, who is working with it, and what defenses are in place. It’s very easy to get a list of employees, for example, by creating a fake social network identity.”
Often, the goal of such espionage is identifying weaknesses in networks that are critical for national security and basic state functions, including networks that are not linked up to the Internet.
Once an individual’s computer is infected with a virus, the malicious software can stealthily move on to the target’s inner circle, sending back information and preparing the ground for an attack.
Today, Western states are reliant on computers and the Internet for their modern existence, and that leaves them vulnerable to cyber war. What may begin as an enemy intelligence-gathering mission could later turn into a virus that disrupts military operations or targets commercial air travel, a national power grid or traffic control systems.
Attacks of this nature can be launched without the perpetrator being traced, meaning there is no deterrence.
It is generally assumed that states have evolved offensive cyber warfare capabilities faster than defensive ones, and that those in the business of protecting national assets from cyber attacks are playing catch-up.
Experts in the field, such as Nir Gaist, chief technology officer and founder of the Nyotron computer security firm, have raised the prospect of an unprecedented state-sponsored cyber attack occurring in the future, when a “green light” is given by a government that has decided to “take the gloves off.” The result could be national paralysis on the receiving end.
Iran has the technological know-how to make progress in this field, and the Islamic Republic cherry-picks gifted youths to pioneer the country’s cyber warfare capabilities.
In Israel, cyber defenses have become a national priority, and experts say an essential part of defense involves tracing the source of the attack and taking the fight to the attackers. That includes tracking and monitoring the online movements of suspected hackers and gathering counterintelligence on them, a measure that can result in an alert before an impending cyber strike.
If prevention fails, such measures leave open the possibility of retribution, which in turn allows some measure of deterrence against a hostile state.