Iran's IRGC intel was hacked by U.S.: What does this mean? - analysis

And how does Russia's alleged hacking of Gantz's phone play into this?

Iranian armed forces members march during the annual military parade in Tehran, Iran September 22, 2018 (photo credit: TASNIM NEWS AGENCY/HANDOUT VIA REUTERS)
It is a cliché, but hacking has reached new heights.
Russia allegedly hacked Blue and White party cellphones, perhaps including that of prime ministerial candidate Benny Gantz.
CGI Group president and former Shin Bet chief Yaakov Perry has confirmed that his company found some level of penetration, but not to what extent, and not whether there was direct penetration of Gantz’s cellphone – even as Blue and White says there were mostly unsuccessful attempts.
Part of this story line is – true or not – about high-level cyber penetration of top candidates in democracies, and about leaked reports of those penetrations or attempts, intended to influence the results of the election in question.
These penetrations, and leaks about them, are now a regular part of election campaigns (in the April 9 election, Iran reportedly hacked Gantz’s cellphone, and Russia has hacked aspects of US and European elections) despite all efforts to control or prevent them.
Another story line is The New York Times report of the US’s cyber penetration of Iran’s IRGC intelligence center for tracking ships, substantially reducing the Islamic republic’s ability to interfere with maritime trade.
Until now, the US has admitted to hacks of Iranian nuclear centrifuges and of ISIS’s command centers in the middle of battles.
But now the US is taking offensive cyber action in areas that might be considered more diplomatic-economic – even as Iran’s recent piracy on the seas has military shades to it.
What does all of this mean?
Why would Russia try to hack Gantz’s telephone, whether they succeeded or not, after current Shin Bet director Nadav Argaman essentially named them as having interfered in Israel’s April election in some unspecified way?
Who would leak the CGI report about the hacks or attempted hacks?
What are the greater implications of this new environment, full of alleged or potentially fake news, for making national security decisions?
Regarding Russia, Perry said that CGI found indications that the hacking attempts came from Eastern Europe.
That does not confirm or deny Russian involvement, but it does add another interesting twist.
Likud has a large poster of Netanyahu and Putin together, and the two leaders worked together to give reciprocal diplomatic victories in the final days of the campaign in April.
That does not mean that Putin is trying to undermine Gantz in favor of Netanyahu, but it raises the question.
It is unlikely that the top echelon of CGI leaked their own report, which can only hurt their customers’ trust in their confidentiality.
But a variety of scenarios are possible involving leaks by lower CGI operatives, Russia leaking to supporters of Netanyahu, or an operative in Blue and White releasing the report due to some kind of competitive goal or complex calculation in the internal battle between the camp of Yair Lapid and the Gantz camp.
In terms of national security, former IDF deputy chief of intelligence Brig.-Gen. Itai Brun wrote in an INSS post on Thursday that the implications of the hack and the leak are serious.
He said that it is becoming worryingly less clear whether decision-makers still regard professional fact-based analysis as the basis for decision making.
Trump’s problems with the professional level of the CIA and the FBI started from his contradicting their assessment that Russia hacked the 2016 US presidential election in order to help him.
When foreign countries are trying to hack top leaders, with heavy political consequences, and intelligence agencies weigh in, how can all of this not impact the relationship between leaders and their spy agencies?
Brun writes that “the terms ‘post-truth’ and ‘fake news’ describe a growing difficulty in clarifying and understanding reality, and consequently, in making correct decisions, including in the field of national security.”
And then we come back to the US hack of Iran.
The Obama administration was very hesitant to use cyber powers offensively.
The Trump administration, largely through the influence of National Security Adviser John Bolton, has been far more aggressive.
Was the hack over more diplomatic-economic issues worth it, and might it boomerang against the US?
Nearly every US offensive cyber weapon, including those used against Iran’s nuclear program and many others developed by the CIA or NSA, has itself been hacked and dumped onto the Internet for bad actors to use.
Now won’t it just be a matter of time before Iran, North Korea, Russia or some other rogue regime uses these abilities to hack US or US allies’ shipping?
Also, won’t Iran plug whatever hole it had in its cyber defenses, restricting US cyber spying capabilities in the future?
Part of the answer that Bolton has been giving for the overall strategy change is that these players are already acting aggressively.
Maybe they have not figured out every US cyber technique, and when the US uses a new tool, it might be turned against the US. But the bad cyber actors are attacking or trying to cyberattack the US and the rest of the West in stunning numbers.
At the time of the hack in June, Iran was having a field day capturing and harassing US-allied ships.
Curiously, Britain’s intelligence services MI6 and GCHQ were reportedly checking in July whether Iran used Russian GPS “spoofing” technology, which produces incorrect location data, to send the British-flagged Stena Impero off course into Iranian waters.
According to British media, the UK’s intelligence services think Iran might have done that, thus giving the IRGC an excuse to seize the ship.
According to The New York Times report, this attack is considered unrelated, and whatever Iranian systems the US hacked in June are still down.
Maybe the ongoing nature of the cyberattacks in both directions, and the fact that they might not even be related, underscores US Cyber Command Gen. Paul Nakasone’s strategy of “persistent engagement” in the cyber sphere as simply a fact of life, one that leaves behind the debate over whether to hold back.
If there is one thing that connects the Gantz cellphone hack and the US hacking of Iran, it is that cyber wars are quickly overtaking or injecting themselves into virtually every area of politics, warfare, diplomacy and economics.