cyberwar - Ayala Tal - October 11 2010
Illustration Photo by Ayala Tal
Text size
Haaretz
Shai Blitzblau: ’If Stuxnet had been hostile computer code written by a state-of-the-art intelligence organization, it would have been developed to evolve.' Photo by Haaretz
Haaretz
Rafi Ivgi: ’Israelis can sleep well at night even though our security systems are computerized and theoretically.' Photo by Haaretz

A few months after the aerial attack on the Syrian nuclear facility, which the foreign press attributed to Israel, the New York Times reported a twist to the story. It seems that prior to the attack, the Syrian radar and anti-missile batteries were paralyzed by a computer virus, reported the Times and a few other papers. That enabled the bombers to enter Syrian air space and attack the nuclear plant unimpeded.

That may have been the first incident to show the general public just what digital warfare really is in the modern age, not to mention Israel's ostensible talent at it.

The Stuxnet worm attack on the Iranian nuclear systems - and tens of thousands of other computer systems around the world - also has been widely attributed to Israel, though the truth isn't known. One thing experts agree on is that Stuxnet wasn't the brainchild of some kid in his parents' basement. It had to have been created by a big organization, maybe even a country.

Some think the worm was hyped, though it unquestionably was a clever one, targeting industrial systems quite exclusively. Shai Blitzblau, CEO of Maglan Information Defense Technologies Research, says Stuxnet has proven relatively trivial to frustrate. If it had been hostile computer code written by a state-of-the-art intelligence organization, it would have been developed to evolve and evade anti-virus systems, he surmises.

The nature of worms

What is a computer worm, anyway? It is malicious software code ("malware" ) used to take advantage of loopholes in system defenses to extract information or cause damage.

A worm can be disseminated as simply as by e-mail: click on a link or file in an e-mail and the worm loads itself onto your computer without you knowing a thing about it. Once inside, it might do any number of things. It might upload Trojan horses that extract information from your computer. It might seize control of your computer. The worm usually also causes your system to try to infect other computers.

Avi Weissman, academic adviser to the Technion University's information security department and chairman of the Israeli Forum for Information Security, thinks Stuxnet was probably disseminated not by low-tech e-mails, but by flash drives. That indicates its creator knew the target wasn't connected to the Internet, he suggests. It also means that a human agent was needed to infect the Iranian computers, possibly even a person who didn't know he was carrying the virus, such as a technician from Siemens, which built the system.

Israel in the cross-hairs

Israel may or may not use digital attacks for its own ends. It's also in the cross-hairs of very real enemies, say experts.

Nir David, an expert on information security, says enemies have been waging cyberwar on Israel for years. "During the Second Lebanon War, it turned out that Hezbollah had much more advanced cyber abilities than had been thought," he says. Systems and training were provided by Iran. The Winograd Report on Israel's failures during the war cited information leaks from the army, including at the tactical level.

During and after the war, Israel took pride that Hezbollah hadn't managed to break into the encrypted communications network Vered Harim, says Weissman. But the fact that Hezbollah even tried to break into the network attests to its sheer ability, its ambitions and the tack that Israel's enemies are taking, he warns. Israel might have assumed they are technologically inferior, but they know where to invest effort, he says.

Nir David mentions another case of digital attack against Israel - Hezbollah leader Hassan Nasrallah's boast that in 1997, the militant group intercepted drone transmissions, and then mounted its attack against Israel's Navy Seals. "I don't know if it's true," David says, but it could be, based on Hezbollah's abilities and the poor quality of information security at the time. Back then awareness was low, he adds.

The Israeli Defense Forces encountered digital attacks during Operation Cast Lead as well, David says. According to Aviation Week, the enemy tapped into the Amos communications satellite and tried to upload propaganda. The satellite's security systems foiled the attempt but the fact is, it happened and almost succeeded. The enemy is honing its digital skills, he concludes.

Rafi Ivgi, security consultant, says Israelis can sleep well at night even though our security systems are computerized and theoretically susceptible to attack. Israeli intelligence is an effective protective tool, he says.