Pages

7 November 2021

Israel’s Cyber Capabilities Are Superior to Iran’s, but It Has a Soft Underbelly

Yossi Melman

Humiliation has a boomerang effect. And in the case of Israel’s cyber quarrel with Iran, which is being fought below and above the surface, it only strengthens the desire of the ayatollahs’ regime to respond in kind and seek revenge.

Moreover, the offensive cyberwarfare that Israel is encouraging attests to the fact that it is finding it difficult to understand the codes that guide the Iranian leadership. Like a stubborn mule, Israel is entrenching itself and insisting on repeating its past mistakes, at the same time as it is experiencing cybersecurity failures in protecting its own facilities.

During the first Lebanon war in 1982 and the second one in 2006, Israel’s political and military leadership believed it would succeed in subduing the Palestine Liberation Organization and Hezbollah, respectively, by force and establishing a new order. Logic – which proved false – dictated that military-economic pressure would lead to a chain reaction. Lebanese citizens would be harmed, would suffer and then would, together with the government, oppose the terror organizations.

The same distorted and rigid way of thinking, a version of “more of the same,” has also guided Israeli government and defense establishments during the long-term battles against Hamas and Iran. But it didn’t work then and it’s not working now.

Public pressure brought on by an external threat does not displace dictatorial regimes, which are suffused with an ideology, a survival instinct and a hunger for power. Israel doesn’t want to recognize that.

Cognitive warfare

For two decades, Israel has been carrying out secret operations to thwart, interrupt and delay the Iranian nuclear program and to check its plans to expand throughout the Middle East. Assassination operations against nuclear scientists and generals, and damage to nuclear facilities and missile sites, have been attributed to Israeli intelligence, headed by the Mossad. They didn’t help.

The psychological warfare – now called “cognitive warfare” – that accompanies those operations isn’t diverting Iran from its goal and isn’t impressing its leadership. The bottom line: Iran is now closer than ever to becoming a nuclear threshold state.

The person who improved the secret tools against Iran was Mossad chief Meir Dagan, during the terms of prime ministers Ariel Sharon, Ehud Olmert and Benjamin Netanyahu. But Dagan, like his successor Tamir Pardo, understood that intelligence warfare and military activities, which are dubbed “the war between the wars,” are mainly tactical.

Although they are an important part of the toolbox against Iran, they are not a decisive part. They were accompanied by diplomatic steps, economic sanctions and international pressure, which yielded results and forced Iran to sign the nuclear agreement with the six world powers (the Joint Comprehensive Plan of Action) in July 2015.

The nuclear deal pushed the nuclear program several years back and distanced the Islamic republic from the nuclear threshold. All that changed when then-U.S. President Donald Trump entered the White House and, with the encouragement of then-Prime Minister Benjamin Netanyahu and then-Mossad chief Yossi Cohen, unilaterally pulled the United States out of the agreement and intensified U.S. sanctions.

In response, Iran dug in and eventually began to violate the agreement and advance its program. It was quite amusing, not to say embarrassing, to hear Cohen recently rejecting the claim that Iran’s nuclear program has advanced. Here we can say ironically: “What you see from there, you can’t see from here.” When Cohen was head of the Mossad, he rang all the warning bells together with Netanyahu. Now, when he is planning to enter politics and is building support groups for himself, he is silencing the same bells.

After Netanyahu’s political failure and Cohen’s retirement, it was believed that Prime Minister Naftali Bennett and new Mossad chief David Barnea would try a different approach. But a few months later, it looks as though Bennett, Barnea and IDF Chief of Staff Aviv Kochavi are in love with the secret operations, inciting Iran and releasing slogans such as “We won’t allow the Iranians to have nuclear weapons” and “The military option is on the table.”

Bennett, Barnea and Kochavi are well aware that Israel on its own has no military option, and that distancing Iran from the nuclear threshold requires an American assault – which won’t happen – or bringing the Iranians back to the negotiating table in order to reinstate the nuclear deal.

We can understand the logic guiding the attacks carried out by Israel, mainly the air force, against the transfer of weapons from Iran to Hezbollah (via Syria) for its precision missiles program. These are measured activities that are also made possible thanks to the quiet support and turning a blind eye from Russia, which is not interested in Iranian entrenchment in Syria.

There is even justification for cyberwarfare against the Iranian nuclear sites. But there’s no point to the cyber operations against the Iranian civilian sector that are attributed to Israel.

Over the past year or so, the flow of ships at the Shahid Rajaee Port in Bandar Abbas was halted; the movement of trains was disrupted and the office phone number of supreme religious leader Ali Khamenei displayed at the rail stations; and last week thousands of gas stations throughout the country went offline.

As I mentioned at the start, humiliation has a boomerang effect and in the past year hackers sent by the cyber command of the Revolutionary Guards and Iranian Intelligence Ministry tried to attack Israeli water valves and pumps, and penetrated the servers of Israeli companies such as Cyberserve, which stores and hosts websites.

That is precisely how LGBTQ dating site Atraf was attacked, information about tens of thousands of customers of the Shirbit insurance company and Pegasus travel agency were revealed, and the computer system of the Hillel Yaffeh Medical Center in Hadera was attacked. The National Cyber Directorate, based in Be’er Sheva, does not identify any improvement in the capabilities of those behind the recent wave of attacks. In some cases, it’s even hard to say with certainty that Iran is indeed behind those incidents.

Israel is a prime example of a situation in which the more advanced you are, the greater your dependence on technology – and as a result, the greater the potential for harm.

Israel’s high-tech and cybersecurity capabilities are far greater than those of Iran, but that will not prevent an Iranian reaction. Iran is aware that it is hard for it to attack defense organizations such as the Mossad, the Shin Bet security service and Military Intelligence. It also knows that Israel’s critical infrastructure networks (electricity, water, banks and others) are well protected.

As a result, it exposes the soft underbelly of Israeli cybersecurity: civil society. Yes, Iran is also waging cognitive warfare, whose aim is to upset Israelis, to scare them, to shake their faith in the information systems and to harm them as consumers – whether it’s Hillel Yaffeh’s patients or users of an LGBTQ dating site.

After years of power struggles, Netanyahu managed to remove the cybersecurity command from the Shin Bet. The National Cyber Directorate was established in its current form in 2018, as part of the Prime Minister’s Office.

This is the organization in charge of protecting civil society, whereas the defense and intelligence organizations are in charge of their own cybersecurity.

The directorate is headed by Yigal Unna, formerly head of the Sig-Int Cyber Division in the Shin Bet. Since its establishment, the directorate has suffered from a large turnover in personnel. That’s not its fault, but happened because it is hard for a government body to recruit experts on a monthly salary of 25,000 shekels (about $8,000) when the private sector offers them double or triple that amount.

On the recommendation of the Shin Bet, it was decided that 30 civil society organizations and websites would be defined as “critical infrastructure.” Since then, the number has increased to 40. All of them are guided by the National Cyber Directorate. For the sake of comparison, in the United States with its population of 330 million, only 70 organizations and websites are defined as “critical infrastructure.” The reason is that if almost everything is defined as a critical infrastructure, the definition loses its value.

It was previously suggested to determine three levels of importance and risk assessment, below the top level of “critical infrastructure.” According to the proposal, there would be a ranking headed by financial institutions and banks, hospitals and large companies vital to the economy with tens of thousands of employees each. The second layer would include important but sectoral companies (chip manufacturers, for instance), while the third level would include all the other companies, right down to the neighborhood grocery story and the man in the street.

The proposal was not adopted. However, in light of the present, still-developing situation, it’s worth reconsidering. Although Israel boasts of being Startup Nation, in effect civil society finds it difficult to adopt and implement standards relating to cybersecurity.

The National Cyber Directorate finds it difficult to force civilian companies to improve their protective capabilities, despite the repeated warnings. There are companies that adopt the guidelines, but there are also quite a few instances of companies that don’t heed the warnings. That’s what happened, for example, with the Atraf server.

The directorate claims that cooperation with the public is good and that 73 percent of its advice and warnings to companies are accepted. At the same time, Unna believes that when it comes to adopting the guidelines, there is a need for legislation. The thing is that in Western democracies, not every problem can by solved by means of a law.

Thus, it seems the time has come for Israel to decide whether it wants truly effective protection for the entire civilian domain, or whether it is satisfied with much less. It’s worth considering whether to restore responsibility for gathering information regarding critical and noncritical infrastructure to the Shin Bet. Alternatively, we could adopt the U.S. model, reduce the number of critical infrastructure facilities and decide that in free and capitalist Israel, the private sector is responsible.

And there is another possible solution: Perhaps the defense establishment should overcome its Pavlovian conditioning and refrain from cyberattacks against Iran’s civil society. That won’t prevent ransomware or trolling attacks, but the friction in cyberspace with Iran would definitely be reduced.

Israel must not continue to add fuel to the cyberwarfare fire, because the attacks will only continue to increase. The National Cyber Directorate is an operational body, and therefore the person who must make a diplomatic-strategic decision on the issue and demonstrate courageous leadership is Prime Minister Bennett.

No comments:

Post a Comment