Keeping track of the cyber battles between the US and Israel and their cyber adversaries is dizzying and constantly changing.
The US is certainly upgrading its cyber capabilities to undermine groups such as ISIS. The New York Times reported last Sunday that the US Department of Defense’s Cyber Command unit is mounting an offensive against ISIS to block it from spreading its message, recruiting members, paying fighters and from exercising command and control functions such as issuing instructions online.
As part of its “cyber bomb,” the US has placed implants within ISIS’s networks so it can mimic their behaviors and orders, and make slight changes to redirect ISIS fighters in a way that leaves them exposed to ground or drone assaults.
These are the practical measures the US has shied away from using until now because of legal issues and the possibility of a boomerang effect. For example, there are also reports that the US came close to paralyzing Syria’s air force a few years ago to hamper its barrel bombing of civilian populations, but held off because it could cause diplomatic complications with third countries.
Yet ISIS is adversary unlike any seen before; its ruthlessness has invited innovative ideas about how it can be defeated.
In mid-April, Pentagon officials told the US Congress that it is developing cyber and other electronic weapons to attack enemy missile systems prior to launch. Such weapons act as a counterpunch to adversaries trying to overwhelm US defense systems with a volley of missiles.
The potential of these cyber offensive actions is awesome in their breadth, but they are really part of a defensive strategy.
They have evolved to counter the possibility of a missile defense system being overwhelmed by sheer volume. Attack rockets cost less than defensive missiles, but only if the US can produce them en masse to avoid a costly arms race.
But on the flip side, the US, after sufferings years of cyber attacks from Chinese hackers (despite a pledge by President Xi Jinping to stamp out such activity) has not found any solutions. US President Barack Obama appears willing to keep his head down on the issue as he nears the end of his term.
The bilateral pledge between the US and China, agreed to in September, calls for an end to cyber hacking, especially commercial hacking. Obama pushed for the initiative since 2013.
Despite the pledge, V.-Adm. James D.
Syring, chief of the US Missile Defense Agency, a week ago reiterated that China is still trying to hack into US missile defenses, even after the US has flagged this and other violations of the deal.
Besides negotiations, the US embarrassed Beijing by indicting five senior Chinese officials for cyber spying in the summer of 2014 and considered offensive cyber retaliation by counter-hacking and publicly revealing Chinese secrets. Hacking could go as far as breaking down China’s great firewall for censorship, opening China’s citizenry to unguarded and unmonitored Internet access, along with spilling Chinese state secrets.
But Obama’s truce, despite past Chinese transgressions as well as US weakness in the face of current breaches, shows that the US president believes avoiding conflict is more important than the payoff of enforcing the pact.
Like the US, Israel has some impressive offensive cyber weapons. The Jerusalem Post reported in June 2015 that IDF Brig.-Gen. (res.) Pinchas Barel Buchris, a former head of Unit 8200, said that it has the ability to hack into Hezbollah’s highly advanced computerized rockets to prevent their launch.
This capability could save Israel from an arms race involving iron dome missiles versus rockets from Hezbollah and Hamas, much like the case with the US.
On March 31 the Institute for National Security Studies published a 81-page report with recommendations for Israeli cyber policy.
In terms of using cyber offensives, the report recommended a multi-pronged approach, including integrating them with attacks by conventional armed forces, disrupting the enemy’s communications system, using private sector proxies (as Israeli adversaries do), and utilizing restrained attacks to send deterrent messages.
A week ago, the Post’s Yaakov Lappin reported that the IDF’s unit for information technology security held its first-ever cyber war drill. The drill was based on accumulated experience about what to expect from recent cyber attacks on the IDF’s systems.
But with all of these offensive and defensive innovations, Israel has recently admitted that a number of cyber hacks have been embarrassingly successful in targeting the country’s most sensitive systems.
The first hack carried less severe operational consequences. In January, The Intercept magazine revealed that between 2008 and 2012, the US and British intelligence services hacked into Israeli drones and aircraft such as the F-16 fighter, in order to monitor their activity under a classified program code-named “Anarchist.”
It was revealed that the UK’s intelligence services, known as the Governments Communication Headquarters, which works in conjunction with the US National Security Agency, systematically surveyed Israeli drones from Cyprus.
The purpose was to collect information on military operations in Gaza, especially during 2008-9’s Operation Cast Lead, monitor the possibility of Israeli strikes on Iran and tap into drone technology the Jewish state was exporting globally.
The UK and US intelligence services collected snapshot images from the Israeli drones, as well as data that mapped the paths taken by the unmanned aircraft.
Israel’s arch enemies carried out the second hack, making it far more serious.
On March 23, Islamic Jihad master hacker Maagad Ben Juwad Oydeh was indicted in the Beersheba District Court for grave cyber hacking crimes against Israel from 2011 to 2014. The announcement shockingly revealed that the Palestinian had hacked repeatedly into the IDF’s drones hovering over Gaza enabling him to view the drones’ video feed.
An indictment filed by the Southern District Attorney’s Office also charged Oydeh with hacking into the police, transportation authority and Ben-Gurion Airport’s video cameras, enabling the terrorist group to study the location of civilians and IDF personnel in real-time as fired rockets during past conflicts.
Also, in mid-March, former New York mayor and current cyber security guru Rudolph Giuliani told the Post that there are many cutting-edge cyber defense technologies that governments are not using and he is not sure why – although he did not list them, for security reasons.
Public relations for Israel’s cyber strength could stress that the breaches were from 2014 or earlier and that Giuliani’s criticism was vague.
And none of the defensive vulnerabilities detract from the US and Israel’s cyber offensive prowess.
If anything, the latest developments simply stress that whoever is on the cyber offensive almost always has a serious advantage and that all sides of a cyber conflict are unlikely to avoid getting cyber-bloodied.