Sometimes the third time is not the charm - analysis

The real issue is that the army should have been prepared for such an attack and should have taken more precautions, says Altshuler, senior fellow at the Israel Democracy Institute.

Photo of a Hamas honeypot photo, identified as Yael Neshama (photo credit: IDF SPOKESPERSON'S UNIT)
Photo of a Hamas honeypot photo, identified as Yael Neshama
It was an interesting tweet to start the week.
The IDF on Sunday morning tweeted a picture of a young girl in a provocative pose with no caption. Many thought the IDF’s English Twitter account had been hacked, others wondered if an angry soldier in the Spokesperson’s Unit had tweeted a picture of an ex-girlfriend in revenge.
But it was neither. It was a preview of Operation Rebound, which foiled another Hamas attempt to catfish (using false profiles online to deceive) Israeli soldiers using pictures of women to lure them into downloading viruses onto their phones.
Operation Rebound was the third operation against Hamas honeypots in the past three years. First it was Operation Hunter’s Network in 2017, followed by Operation HeartBreaker in 2018 and now Operation Rebound.
Despite similarities in the way the enemy networks had previously acted – using applications like Facebook and Instagram as well as using WhatsApp – hundreds of soldiers and officers have had their phones hacked by Hamas operatives by such catfishing operations.
After conversing with their targets – sometimes romantically – the soldiers were then asked to download applications, which led them to compromising their cell phones, since the applications would infect their phones with Trojan horse viruses.
Even though the military was able to foil the plots and take down the honeypot networks, something must have gone right for Hamas to continue with their plans using such similar modus operandi.
Dr. Tehilla Shwartz Altshuler, senior fellow at the Israel Democracy Institute and head of the institute’s Media Reform Program and Democracy in the Information Age Program, told The Jerusalem Post that the Start-Up Nation’s army should be more aware and take more precautions against such threats.
“It’s not that something is going right for Hamas, it’s more that the literacy and awareness of possible data breaches is not high,” she said. “We see it everywhere – in election apps that are being leaked, in bank apps. And we see it again and again in the army, in the ‘Cyber-Nation Army.’”
Referring to the controversies surrounding Israel’s NSO Group, Altshuler said the IDF should know best that any smartphone can be used as a tool for spying.
“Israel uses similar technology to turn any smartphone into a spying machine. They should have been aware of that,” she said.
 “Why does it allow soldiers to use them?” she asked of smartphones. “If the army wants to take precautions in data security, why don’t they have soldiers only use old cell phones like in the haredi [ultra-Orthodox] community?”
The real issue, Altshuler said, is that the army should have been prepared for such an attack and should have taken more precautions.
With the Hamas spyware installed, the terror group had access to everything on the soldier’s phones, including their personal pictures. That potential massive data breach brings us back to that tweet posted by Israel’s twitter account.
There were six characters in the latest honeypot attempt by the Gaza group: Sara Orlova, Maria Jacobova, Eden Ben Ezra, Noa Danon, Yael Azoulay and Rebecca Abuksis.
Unlike in the past two attempts, to boost the character’s credibility Hamas not only used the same individual on various platforms to increase its credibility, but edited the pictures of the characters – making it more difficult to find the original source of the picture.
First their identities were stolen by a terror group, used to catfish male soldiers, and then tweeted – without their permission – by the IDF and left up the post without any explanation for 30 minutes before the story broke at 11 a.m.
The military has stated that it has been trying to identify the women whose identities were stolen by the terror group, but has not yet succeeded. The IDF has confirmed, though, that none of the women is an Israeli citizen.
The release of the picture on social media before the story broke was to out the terror group, to embarrass and to stress Hamas, says the military.
Israel may have outed the pictures but Hamas stole their identities.
But Altshuler further said the IDF’s intended spoiler to Hamas was a disgrace. Referring to the IDF Spokesperson’s Unit as “the biggest advertisement agency in the Middle East,” Altshuler said Israel’s military should not be using its social media accounts to troll enemies.
“The way it was exposed this morning was a disgrace,” she said, adding that “it’s sexist, it’s disgusting and not how the biggest advertising agency should act with our taxpayer money. It’s not funny. Don’t send me half-naked photos and tell me that the real story will be revealed in an hour and a half. It’s not a joke.”
It’s not a joke. Not the catfishing and not how the military tried to scare, if you will, Hamas. The IDF will continue to have to deal with similar digital challenges. On the one hand, making noise to grab the world’s attention and on the other hand, ensuring that soldiers do not fall prey to Hamas honeypot attempts. The balance will be hard to find but the challenge – of keeping Israel safe – needs to remain the top priority. Not just grabbing likes on Twitter.