According to Israeli media reports, the Jewish state has recently been subjected to another cyber attack: at least 80 Israeli companies were affected by the Pay2Key hacker group, one which is presumably from Iran. According to the news site Ynet, this group of hackers has released documents concerning some of Israel’s most prominent companies that use services provided by Portnox, including Bezeq, Elbit, and El Al. Pay2Key claimed that it had captured nearly 1 terabyte of data that specifically included a data array from the major Israeli defense company Elbit. According to Israeli experts, unlike the conventional ransomware hacking programs that require hundreds of thousands – or even millions – of dollars, this time the hackers only needed relatively small amounts of money. This shows that the main point for these cyber attacks on Israel was not the material, but rather the ideological aspect, with the desire to inflict damage that was publicly broadcasted.
In recent years, the cyber war between Iran and Israel has become increasingly serious. This is especially true since the Stuxnet computer virus disabled more than 1,000 centrifuges at Iranian nuclear facilities in 2010. Back then, Israel and the United States successfully used the world’s first cyber weapon, showing the whole world that a new battlefield exists. Stuxnet has proven in practice that in cyberspace it is possible to not only conduct information campaigns and intelligence operations, but also military operations that cause tangible material damage to an enemy.
In 2015, The Wall Street Journal, citing information from senior US officials, reported that Israel was eavesdropping on the nuclear negotiations taking place between Iran and the United States to try to obstruct the terms of the nuclear deal. The publication reported that Israel received information from participants in confidential American briefings, as well as from informants and diplomatic contacts in Europe. After that, a certain allegedly pro-Palestinian hacker, under the handle Abderrazak, hacked the website of the Israeli parliament (Knesset), and left the inscription FreePalestine on it.
In the past ten years alone, Israel has been repeatedly accused of committing major cyber attacks on Iran’s defense industry and nuclear facilities, its leading commercial organizations, and its financial system.
Israel was also accused of a major cyber attack in May 2020 on the Iranian port of Bandar Abbas, and it tried to explain its actions by alleging that Iran was using the port for military purposes to help terrorists in other parts of the Middle East, including Hamas and Hezbollah. The attack caused the collapse of the computers that track the ship and truck traffic movements in a port located in a strategic region of the Strait of Hormuz, in the Persian Gulf.
Israel’s active participation in cyber wars has not been a secret to anyone for a long time. Israel has long had special operations units that are involved in cyber attacks. One of the most renowned from among these is the Israeli Intelligence Corps Unit 8200. This unit is similar to the US National Security Agency, also known as the “global ear”. Unit 8200 is tasked with intercepting intelligence, decrypting information, eavesdropping on enemy targets, and organizing cyber attacks. Another formation is the IDF C41 Corps, whose main task is to perform work in defense networks. Recently, news leaked that the C41 Corps had set up a separate cyber department at IDF headquarters in the HaKirya area of Tel Aviv. In addition, the Mossad has its own cyber department.
“From a professional perspective, the Israeli armed forces are constantly and relentlessly fighting in cyberspace, gathering intelligence and protecting their own networks. In addition, when necessary cyberspace will be used to carry out strikes and reconnaissance operations. The goals of cyber warfare include disrupting and thwarting adversaries’ attempts to limit operational freedom for Israeli armed forces, and for Israel itself as a whole.” These lines are taken from the official website of the Israeli armed forces, and clearly show the attitude the Israeli armed forces have toward cyber warfare, which until then was not clearly defined.
In the beginning of 2020, The Jerusalem Post, citing a high-ranking IDF officer, reported that the IDF began to increase the headcount of its cyber warfare troops, which are primarily tasked with conducting cyber attacks against Iran. For these purposes, about 300 young computer specialists that possess hacking skills were additionally recruited, and many of them never graduated from college, or even do not even have a completed high school education.
The recruits will serve in Intelligence Corps Unit 8200, and in the C4I Office of Command, Control, Communication, Computers, and Intelligence These two units will be in charge of future IDF cyber warfare.
Israeli media outlets report that the decision to recruit soldiers is part of a new, multiyear plan the IDF has to expand its cyber warfare capabilities. In recent years, the IDF has invested heavily in the “digitization” of its troops, and has created the Tsayad (Hunter) program, which allows units to exchange cyber information on the whereabouts of both friendly and hostile units.
With the acceleration of the cyber arms race around the world, including in the United States, Israel, and Iran, cyber warfare is becoming an essential component of the hybrid war that is being waged, in particular but not exclusively, between Israel and Iran – with direct participation on the part of the United States. This cyber war inflames the mistrust and mutual hostility between them, and may become a pretext for starting a “hot war” fraught with the most unpredictable and catastrophic consequences, and not only for the warring parties.
In this regard, it should be noted that the unstoppable, increasing pressure on Iran from the administration of US President Trump, especially after Washington’s withdrawal from the Joint Comprehensive Plan of Action (JCPOA) in May 2018, is eliciting an ever-increasing reaction from Tehran in response – including in cyberspace.
Under these conditions, what is very fitting is the admonishment delivered by The American Conservative that “the dual cyber-economic strategy (cyber strikes and sanctions) has turned out to be extremely risky and counterproductive. This strategy contributes to further escalating and intensifying Iranian aggression.” Among other things, it is impossible not to take into consideration that the joint US-Israeli campaign of “maximum pressure” plays into the hands of Iranian hardliners, undermining the positions of moderate forces in Tehran, and therefore making it extremely difficult to reach a peaceful settlement. “Diplomacy and persistence, and not digital and economic attacks, will allow us to get what we want from Iran,” the newspaper emphasizes – and it is difficult to disagree with this.
Vladimir Platov, an expert on the Middle East, exclusively for the online magazine “New Eastern Outlook”.