Analysis 03-25-2016


Israel’s Cyberwarfare Capability

One of the Best in The World

An idea of the scope of Israel’s cyberwarfare capability was revealed this week when it was revealed that the American Federal Bureau of Investigation (FBI) had hired an Israeli electronics company, Cellebrite, to crack the encrypted information in the cell phone that was used by the two San Bernardino shooters.

The FBI had originally tried to force Apple, the cell phone manufacturer to break the encryption – something that Apple had refused to do. A federal court was supposed to hear the case on Tuesday. However, on Monday, the FBI informed the court that it no longer needed to force Apple to break the encryption because a third party had come forward.

So, who is this Israeli company that is able to break an encrypted cell phone that had stumped American computer experts?

Cellebrite, is an Israeli company that sells a forensics system used by law enforcement, the military and intelligence services to retrieve data hidden inside mobile devices like cell phones. It was established in Israel in 1999 by Yossi Carmil and Ron Serber. Its ‘Universal Forensic Extraction Device’ (UFED), is able to extract data from mobile devices such as cellular phones and other hand-held mobile devices. It also has the ability to recover deleted data and decipher encrypted and password protected information.

Cellebrite also has a close relationship with the Israeli military and intelligence community. Former Israel Defense Forces captain Amit Gross is Cellebrite’s Mobile Research manager and the former Chief Technology Officer of the IDF, Shahar Tal, has been director of the company’s research group since last year.

Although its work with Israeli security is secret, Cellebrite has admitted that it can decode messages sent via the Telegram app, which is a popular tool for ISIS terrorists.

However, Cellebrite has also attracted the attention of privacy advocates. In April 2011, the Michigan chapter of the American Civil Liberties Union questioned whether Michigan State Police troopers were using Cellebrite equipment to conduct unlawful searches of citizens’ cell phones.

The Israeli Cyberwarfare Industry

Cyber technology is a major industry in Israel. In 2015, it created $6 billion in sales and attracted 20% of Israel’s private sector investment. It also provides more export earnings than Israel’s arms industry.

In January, a conference, Cybertech 2016, was held in Tel Aviv. The event attracted thousands of visitors from abroad which showed Israel’s importance in the global cybertech industry. The crowd included Prime Minister Benjamin Netanyahu who spoke at length about the need for governments to cooperate in the international arena against a plethora of threats.

One of the issues at the conference was cyber security for automobiles. Modern autos are becoming more and more vulnerable to cyber attacks that can disable the car or even kill the occupants.

A 2014 article on Israeli cyberwarfare capabilities in Al-Monitor noted, “I was told last week (mid-September) by a high-echelon Israeli who has been dealing with this issue for many years. “Already now there are organizations and countries that can physically harm targets and people through the Internet.” I asked for examples. “There are many things that we still can’t talk about,” he said, “but I’ll give you an obvious example. Let’s assume that an espionage organization wants to eliminate someone in a foreign country. Let’s assume that this ‘someone’ is now driving a contemporary car, a brand created in recent years. Or, in other words, a car whose systems are operated by a computer. All you need is to know how to make a long-distance connection to the car’s computer systems and to know how to track any kind of cellular gadget the person has in the car. Even if the gadget doesn’t work or doesn’t even have a battery. With this kind of long-distance tracking, you can know exactly when the car is driving down a steep slope, then disable its braking system all at once. At that moment, you have determined the fate of everyone in the car.”

“I asked the official if Israel has already used this method to neutralize foreign terrorist agents. “No,” he said, “we’re not there yet. But theoretically this possibility exists out there.”

According to an Infoworld article on the conference, “Israeli cybersecurity has its roots — rather unsurprisingly — in the military. This is mostly due to the massive investment in this area in the Israeli military, and specifically in its intelligence branch. Many alumni of these units learn both cyber and ingenuity, things which they use in their civilian life. In addition, the government has adopted a very open and supportive approach to assisting new ventures in this field in Israel.”

One example of this close cooperation between industry and Isreali security services is Gil Shwed, who is the founder, CEO, and chairman of board of Check Point Software Technologies.   He served in the top secret cyberwarfare Unit 8200 and recruits employees from the IDF cyberwarfare organizations. Another is Nir Lempert, who is chairman of the Unit 8200 alumni association and CEO of MER Group. Rami Efrati, who started Firmitas Cyber Solutions is also a Unit 8200 alumni.

These companies not only support Israel’s military and intelligence services, they also work with other repressive regimes. Privacy International, a human rights watchdog group, recently reported that two multinational companies with Israeli roots, Verint and Nice Systems, were supplying surveillance technology to repressive Central Asian countries, allowing “unchecked access to citizens’ telephone calls and internet activity on a mass, indiscriminate scale.”

Several of these Israeli companies have been accused of helping the NSA spy on Americans.

Israel’s Cyberwarfare Infrastructure

The heart of Israel’s cyberwarfare capability is the secretive Unit 8200, which built up its cyberwarfare capability by offering Jewish hackers a choice of going to jail or working for the state.

Unit 8200 is based in the Negev Desert and has evolved from the signal intelligence arm of the Israeli military into a leader in cyberwarfare. One American consultancy rated Unit 8200 as the sixth biggest initiator of cyber attacks in the world.

“Unit 8200 is probably the foremost technical intelligence agency in the world and stands on a par with the NSA in everything except scale,” Peter Roberts, senior research fellow at Britain’s Royal United Services Institute, told the Financial Times. “They are highly focused on what they look at — certainly more focused than the NSA — and they conduct their operations with a degree of tenacity and passion that you don’t experience elsewhere.”

A growing focus in 8200, as in other spy agencies, is data mining, and specifically the ability to shift through mountains of information to find the one menacing email, or the recurring patterns that suggest something is awry. Analysts can apply data mining algorithms to a “knowledge base” – determining, for example, from a base of several million conversations, which two are relevant. Algorithms can also do “data compression” — for instance, establishing that a target makes calls every day at 7.30am and 4pm. This can then be matched with other intelligence.

Unit 8200 has a reputation for developing malware. American whistleblower Edward Snowden told Der Spiegel that Israel helped the U.S. write the Stuxnet computer virus that disabled nuclear centrifuges in Iran in 2010. Iran blamed the Flame virus, which crippled its energy industry in 2012, on “illegitimate regimes,” a phrase it often uses for Israel.

8200 has received much criticism for its spying on Palestinians. Former Unit 8200 members have come forward to say they were asked to gather information not only on people suspected of plotting against Israel but on their family members, neighbors and others who might supply information about them. This included information about medical conditions, financial problems and sexual orientation. One of them said that during his training for 8200, he had been assigned to memorize different Arabic words for “gay”. Another said that soldiers would call one another over to listen when one of their targets was discussing a “funny” medical condition such as hemorrhoids.

Unit 8200 has been melded into a new Cyber Command. Last June, military chief Lieutenant General Gadi Eisenkot ordered the establishment of a cyber command to oversee all operational activity in the virtual domain. The first trainees completed their 12-week course in December.

The “cyber command will ultimately be widely engaged in offensive and defensive operations, in close association with the field units, primarily countering enemy command and control systems and other operational components heavily based on information technologies,” the Institute for National Strategic Studies in Tel Aviv said in a report issued after the command’s formation was announced.




FY17 Budget Squeezes MDA’s Research and Development
By Thomas Karako
Center for Strategic and International Studies
March 18, 2016

The recently released $7.5 billion FY17 budget request for the Missile Defense Agency (MDA) represents an $822 million reduction from last year’s enacted budget. These cuts are essentially divided between procurement ($501 million) and research and development ($322 million) as compared to the $8.3 billion MDA budget enacted by Congress for FY16. While cutbacks to procurement more obviously reduce capacity available to the war fighter, the squeeze on research and development reflects a larger but insufficiently appreciated trend that could impair the ability to outpace foreign missile threats.

Read more


Divining a “Trump Doctrine”: Finding the Contours of Donald Trump’s Foreign & National Security Policy
By John R. Haines
Foreign Policy Research Institute
March 2016

The ancient Greeks maintained that divination — how mortals learn the will of the gods — requires inspiration in the form of phrensy or madness. It was thought especially useful when some calamity shows the gods to be displeased. Today, simply imagining Donald Trump as Commander-in-Chief prompts many political oracles to the requisite condition. A group of Republican foreign policy notables published an open letter in which they harshly rebuked Donald Trump for some of his recent pronouncements on foreign policy and national defense. Two open letter signatories associated with the Foreign Policy Research Institute, Dov Zakheim and Colin Dueck, subsequently penned thoughtful essays in which each elaborated his respective position vis-à-vis Mr. Trump. The open letter itself reads more like a series of rejoinders than a policy rebuttal per se, to which its authors’ likely response is that Mr. Trump so far has expressed his position in aphorisms, not doctrine. Aphorisms of course have their place in American political discourse — the clarity of Benjamin Franklin’s “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety” is undiminished after 230 years — and collected aphorisms can, like with Epicurus’ Sovran Maxims, efficiently summarize a larger doctrine.

Read more

Syrian Armed Opposition Powerbrokers
Institute for the Study of War
March 2016

International negotiations to reach a political settlement in Syria have resumed, although serious challenges remain to reaching a political settlement. The talks follow two weeks of a “cessation of hostilities” in which the Russian air campaign in Syria decreased notably, though it did not entirely cease. Putin announced that he would withdraw some airframes from Syria on March 15, incentivizing both Assad and the opposition to engage in Geneva. Major opposition demands such as the removal of Syrian President Bashar al Assad from office have not been met, however, and Syrian regime officials have not conceded that there should be an immediate release of political prisoners. Reaching a political deal in Geneva under these conditions will therefore be difficult. The conditions in which the Geneva negotiations are taking place still strongly favor the regime, indicating that a transitional government, if formed, likely will fail to reconcile most Sunni armed actors with the government. The result could actually increase the jihadist threat while miring the U.S. and regional states in political turmoil in Damascus.

Read more


Five Years of Horror in Syria
By Lee Smith
Hudson Institute
March 18, 2016

Last week marked the fifth anniversary of what started as a peaceful uprising in Syria. A bunch of teenagers scrawled on a wall in their hometown of Deraa the slogan of the Arab spring: “The people,” they wrote, “want to topple the regime.” Syrian security forces caught the boys and tortured them. When news of the regime’s crime spread, thousands around the country filled the streets of their cities, towns, and villages to make their voices heard. Their protests were peaceful, but the response of Bashar al-Assad’s troops was not. They slaughtered unarmed demonstrators and tortured others in jail. Eventually, the people picked up arms to defend themselves. Those whom President Obama later deprecated as “former doctors, farmers, pharmacists, and so forth” with no chance against “a well-armed state backed by Russia, backed by Iran, a battle-hardened Hezbollah,” nonetheless fought back.

Read more


Saudi Arabia’s ‘Islamic Alliance’: Major Challenge for Al-Baghdadi’s Islamic State, or Potential Opportunity?
By Nibras Kazimi
Hudson Institute
March 9, 2016

Saudi Arabia’s announcement of the formation of an ‘Islamic Alliance’ to combat terrorism in mid-December 2015 incurred the concern of Abu Bakr al-Baghdadi, the ‘caliph’ of the Islamic State. His propagandists were unprepared to address the ideological ramifications of such a paradigm shift in Saudi behavior. The anti-Saudi ideological formulations and narratives that the jihadists had developed over a number of years did not factor-in the possibility that Saudi state would undertake aggressive military operations beyond its borders, operations directed primarily against themselves. Saudi thinking may be premised on the idea that the Islamic State—seeking local support in Iraq and Syria by claiming to act in defense of Sunnis against tyranny and sectarianism—would crumble easily and quickly if faced with an ‘Islamic Alliance’ that aims to liberate Sunnis from both the Islamic State and Iranian hegemony alike. The announcement has raised popular expectations of an impending ‘new order’ in the Middle East among those heartened by what they consider ‘long-overdue’ Saudi activism. However, the new Saudi initiative is a dangerous gamble that may backfire on rhetorical and ideological grounds if the campaign fails or takes too long.

Read more

Putin’s Middle East Policy: Causes and Consequences
By Anna Borshchevskaya and Philip Gordon
March 23, 2016
PolicyWatch 2593

Russia is not the Great Power it once was, but the Middle East is fragile, and Moscow does not need to do much to assert influence and gain a military foothold, particularly against a perceived Western retreat from the region. President Vladimir Putin continually tests the West, diverting attention from Russia’s domestic problems and allowing him to further assume the role of a consequential leader. Russian regional influence is on the rise — and not only in Syria. Last month, the largest Russian delegation in many years visited Iraq, pledging more weapons and aid to the Baghdad government. Moscow has also defended Iran’s recent ballistic missile tests, and further maintains that its own possible arms sales to Iran, including fighter jets, do not violate the United Nations arms embargo on the grounds that fighters are defensive weapons. Meanwhile, the Kremlin’s standoff with Turkey continues after Ankara’s shootdown of a Russian jet last November. And just this month, King Mohammed VI of Morocco visited Russia for the first time since 2002.

Read more