News that the United States and the United Kingdom have for years been tapping into the encrypted communications of Israel Air Force drones and fighter jets sent shock waves through Israel on Friday, with the story dominating the front pages of the country’s newspapers.
But America and Britain are Israel’s allies.
And while it’s never pleasant to learn that your friends are spying on you, the breach — considered by one official to be “the worst leak in the history of Israeli intelligence” — did not necessarily damage Israel’s security.
The deeper concern is that Israel’s numerous enemies, and not its allies, have also been able, or will be able, to hack into Israeli systems and decrypt Israeli cybernetic systems, which are of growing importance to civilians and militaries alike.
The breach revealed Friday re-emphasizes that possibility.
And the very nature of the revelations underlines another profound concern for Israeli intelligence: The Intercept’s article detailing the 18-year breach of air force encryptions is based on information leaked by Edward Snowden. If the US National Security Agency has its hands on Israeli intelligence, and the US is hacked or has information leaked, all that top secret Israeli intel gets exposed as well.
According to the bombshell revelations Friday, the Americans and British long ago began intercepting and decoding, in real time, encrypted broadcasts between Israeli drones and F-16s and the ground.
“This is an earthquake,” a senior security source — who spoke on condition of anonymity — told the Ynet website. “It means that they have forcibly stripped us, and, no less important, that probably none of our encrypted systems are safe from them.”
By monitoring the feeds from drones and planes, the American National Security Agency (NSA) and British Government Communications Headquarters (GCHQ) could track Israeli actions in the Gaza Strip and West Bank, and also determine if Israel was gearing up to launch any attacks against Iran or other targets.
Needless to say, such information would also be of interest to Iran itself, Hamas and Hezbollah, all of which the IDF knows are working tirelessly to break into Israeli systems and decrypt Israeli operational communications.
“We know that the nations around us are putting a lot of effort into obtaining cyber capabilities,” Oron Mincha, spokesperson for the IDF’s C4I Telecommunications Corps, told journalists last month in a conversation at the corps’ base in Tzrifin, outside of Tel Aviv.
“When a country deals with the proliferation of rockets, we’re not surprised to see that they are also using the cyber tools to help our enemies,” the officer said, without naming a country, but clearly implying Iran.
“We’re seeing a tight relationship between the kinetic and the cybernetic,” he said.
This breach was not the first time that foreign bodies intercepted Israeli drone feeds; indeed, Hezbollah is known to have done so, with fatal consequences. In 1997, Hezbollah managed to capture the (non-encrypted) feed from an Israeli drone and used the information to plan an ambush against members of the IDF’s elite Shayetet 13 naval unit, killing 12 of them.
Such vulnerability is an inherent problem with wireless communication, one that advanced militaries have been facing for decades, as they seek to communicate across vast distances without having their messages plucked out of the air.
After the 1997 incident, known in Hebrew as the “Shayetet catastrophe,” Israel began encrypting its communications — plainly, however, not to the extent necessary, as evidenced by the 18-year period over which the United States and England have been able to decrypt those transmissions.
“The challenge with using drones is how you manage your spectrum security,” Mincha said.
Speaking in December, Mincha boasted that Israel was “pretty good” about cyber security, though he admitted that there are things that “keep my boss up at night.”
“The IDF” — he knocked on the wooden lectern — “so far is maintaining the high level of defense capabilities, due to the manufacturing of home-made tools to defend our system,” Mincha said.
Friday’s revelations clearly undermine that confident assessment.
To try to ensure the secrecy of its drone feeds, the IDF has manufactured its own systems in-house to protect its UAVs’ communication channels; these measures are evidently vulnerable.
Though drones and their wireless communications capabilities are complex and expensive, the technology needed to break into them is surprisingly cheap and accessible.
In 2009, the United States experienced this firsthand, when US forces discovered that they were the victims of a cyber attack similar to the ones the NSA has been carrying out against Israel.
Iraqi insurgents, using store-bought equipment and a commercial computer program, were able to tap into the video feeds of Predator drones, which were not encrypted at the time, and monitor them.
“Anybody can go to a store and buy equipment for $10,000 that can mimic our capability,” Robert Elder, a retired US Air Force lieutenant general, told Wired magazine in 2014.
Because Israel uses encrypted transmissions, the NSA and GCHQ had to invest significantly more computing power than the Iraqi insurgents, according to The Intercept.
It was not immediately clear from Friday’s reports if the United States and England are still capable of monitoring Israeli drone feeds, and the IDF would not officially comment on whether news of this breach will prompt a response or change in policy for the air force.
Energy Minister Yuval Steinitz claimed Israel was “disappointed” but not “surprised” by the intel breach. Which raises the question: If, as Steinitz said, Israel assumes that the US spies on it, why does it not take more sophisticated measures to protect its communications?