Security and Defense: Nuclear worming

Is Israel behind the latest Stuxnet cyber-attack on Iran?

Iranian trading floor 311 (photo credit: Bloomberg News)
In April 2007, Estonia came under attack. Not by terrorists, fighter planes or tanks, but by computers.
Deemed one of the more computer-savvy countries in the European Union, Estonia’s government computer systems were nonetheless hacked into and came under siege.
The government pointed an accusatory finger at the Kremlin, which had been angered by the removal of a Soviet World War II memorial from the center of Tallinn, the capital. The attacks paralyzed, albeit for a short time, government ministries, banks and media.
The significance of the cyber-attack was that it triggered an international response and prompted the Western world to begin confronting the new challenge of cyber-warfare.
In June of that year, NATO defense ministers convened at the alliance’s headquarters in Brussels and promised immediate action, which led to the establishment a year later of the NATO Cooperative Cyber Defense Center of Excellence in Estonia with the goal of designing defense systems for NATO’s network and member countries.
In 2009, the US activated the Cyber Command to defend itself against the cyber-attacks it has come under over the years, allegedly from China.
Israel has also invested heavily in the cyber field in recent years. After the Americans made the decision to establish a special Cyber Command, Israel began to consider its own move and at one point even deliberated the possibility of establishing an entire new command within the General Staff also to be named the cyber command.
Deputy Chief of General Staff Maj.-Gen. Benny Gantz was asked by his boss Lt.-Gen. Gabi Ashkenazi to evaluate the issue and make recommendations.
After a short study of the issue, Gantz decided not to establish a new command and to divide responsibility between Military Intelligence and the C4I Directorate, responsible for communications.
Military Intelligence Unit 8200, the equivalent of the US National Security Agency, already responsible for signal intelligence, eavesdropping on the enemy and code decryption, was entrusted with offensive cyber capabilities. Defense was left with the C4I Directorate.
To ensure that the two branches continued to cooperate and work together, the IDF decided in mid-2009 to assign a Military Intelligence lieutenant colonel to Matzov, the unit in the C4I Directorate that is responsible for protecting IDF networks.
Matzov is also responsible for writing the codes that encrypt IDF, Shin Bet (Israel Security Agency) and Mossad networks as well as mainframes in national corporations, such as the Israel Electrical Corp., Mekorot – the national water company – and Bezeq.
The officer’s job is to receive the information from Military Intelligence on enemy capabilities and coordinate with the C4I Directorate to make changes to IDF computer defenses if needed. In addition, C4I has established a special team of computer experts which tries to breach IDF firewalls and encryptions as if it were the enemy.
“The threat is always growing and we always need to be one step ahead,” a senior C4I officer explained a few months ago. “There are attempts all the time to try and hack into our networks, and we are aware of our enemies’ capabilities.”
In December, Maj.-Gen. Amos Yadlin, the outgoing head of MI, warned of the growing cyber-warfare threat. He compared the evolving world of cyber-warfare to the entrance of air power into militaries and the effect that had on the battlefield.
Cyber-warfare, he said, fit well into the IDF’s defense doctrine, both offensively and defensively. He said that while it was difficult to know what role cyber-warfare would play in the future, it gave small countries abilities that used to be only in the hands of superpowers.
“This is something that is completely blue and white, and we do not need to rely on foreign assistance or technology,” Yadlin said. “It is a field that is very well known to young Israelis, in a country that was crowned a ‘start-up nation.’”
Yadlin’s comments resonated widely due to who said them. In 1981, he was one of the fighter pilots who bombed the Osirak reactor Saddam Hussein was building in Iraq. His comparison between cyber-warfare and air power was therefore not taken lightly.
Israel’s expertise in cyber-warfare comes mostly from defense industries which are built on graduates of some of the IDF’s elite technological units where they learn to develop cutting-edge technology.
In addition to the C4I Directorate, the Shin Bet in 2002 was put in charge of securing governmental systems and national infrastructure such as the power grid and water systems. It also advises banks on how to protect their data.
ON THE offensive level, not much is known about what Israel can do. Media reports have widely speculated that it is behind the Stuxnet virus that has attacked Iran and is possibly behind the delay in activating the Bushehr nuclear reactor. Some cyber experts have claimed that Stuxnet, which specifically targets systems made by Germany’s Siemens company, is one of the most sophisticated worms in existence with an ability to reprogram control systems.
Either way, Israel is believed to have used cyber tactics against enemies. In September 2007, when it bombed a Syrian reactor, a report in The New York Times claimed that cyber tactics and electronic warfare were used to shut down its air defense command-and-control systems. It is also believed to have used cyber-warfare against Iran, possibly to sabotage equipment intended for installation in nuclear facilities.
But Israel has also been the victim of cyber tactics and electronic warfare. During the Second Lebanon War, Hizbullah reportedly succeeded in hacking into Israeli communications systems and eavesdropping on what were supposed to be classified transmissions.
During Operation Cast Lead in the Gaza Strip last year, pro-Palestinian groups reportedly succeeded in attacking the Amos 3 communications satellite and manipulating network television broadcasts.
While neither of these instances caused serious damage, they are partially what has prompted the bolstering of defenses. In recent years, the IDF has become more and more dependent on network warfare.
The Ground Forces Command’s Tzayad Digital Army Program is one example. Developed by Elbit Systems, the Tzayad – recently installed in several IDF units – connects all land assets together by enabling every tank to see where the artillery and infantry units are located and vice versa.
This enables any one of the assets to identify a target, put a dot on its location on a digital map and then everyone else on the network can see it. If an enemy succeeds in breaking into the network and seeing the same map, or alternatively manages to shut it down, Israel will have lost its qualitative edge in that specific battle.