Massive Israeli Data Leak Is Treasure Trove for Iran Intel
The leaks of personal information of 6.5 million Israelis
three weeks before the election is one of the worst security screw-ups in the
country in the last few years.
Both the first breach, which was reported about a week ago,
and the more serious second one, reported Sunday, stem from criminal negligence
by Elector Software – a small and hitherto barely known company that developed
the mobile election software being used by Likud and other parties.
This app, which enables access to the country’s entire voter
registry, is used “to run elections and make contact with voters,” according to
the company. It includes voters’ full names, ID numbers, gender, telephone
numbers and current addresses. In addition, there is information entered by
party campaign staff about whether or not the individual in question supports
Prime Minister Benjamin Netanyahu.
Beyond the severe violation of Israelis’ privacy, the
hacking of the voter rolls has unprecedented implications for tens of thousands
of employees of the Mossad, the Shin Bet security service, the Israel Atomic
Energy Commission, the Israel Institute for Biological Research and the Israel
Defense Forces – especially for pilots, intelligence personnel, special forces
and nuclear scientists. The damage caused by the breaches doesn’t end with
exposure of information: Exposure of such data also enables potentially hostile
elements to access additional sources of information, and to cross-check
sensitive details including license plate numbers, personal and corporate
assets and confidential medical information.
The potential damage is enormous. This is a gold mine for
enemies like Hezbollah and Iranian intelligence, as well as for intelligence
agencies that are more or less friendly to Israel.
It’s no secret that the Mossad and other Israeli
intelligence and security organizations make use of the data in the Interior
Ministry’s Population Registry. This information enables them to recruit
employees both in Israel and abroad.
It’s also well known that such espionage bodies, especially
the Mossad, use fake or borrowed identities for their operations. According to
foreign reports, these operations have in the past been aimed mainly at
monitoring, information-gathering, infiltrating buildings, buying sensitive
equipment and so forth.
In the past three decades, Mossad agents have been exposed
while carrying forged passports of Canada, Australia, Germany, New Zealand,
France, Ireland, Bosnia, Georgia and more. Some operatives were arrested. Some
were exposed during or after operations in countries such as Jordan, Britain,
Sudan, Cyprus, Switzerland, New Zealand, Australia and, according to foreign
media, Dubai and Tunisia.
The leak of such information about Israeli citizens and the
possibility of connecting it to activities conducted overseas under an Israeli
or foreign identity is disastrous for the intelligence community. Thanks to
this information, foreign intelligence agencies can thwart operations abroad
and/or catch the agents involved.
Moreover, cross-checking the leaked information with
documents published or stolen in the past can enable hostile agencies to
identify not just living people, but also dead people whose identities are
being used in secret missions to conceal or verify cover stories.
That, for instance, is what Refaat el-Gammal, an Egyptian
intelligence agent, did when he posed as a Jew named Jack Beaton who emigrated
to Israel in the 1950s. Fortunately, the Shin Bet discovered him and turned him
into a double agent who worked for Israel against his Egyptian handlers.
And when the Mossad assassinated senior Hamas official
Mahmoud al-Mabhouh in Dubai in 2010, it was reported that one of the operatives
had assumed the identity of an Israeli who had been killed in the 1973 Yom
Kippur War.
The “soft underbelly” of national security that this latest
breach has potentially exposed can be demonstrated by the case of the 2015 leak
from a major human resources company that recruited personnel for U.S.
intelligence and defense agencies. It was suspected that the information
reached Chinese intelligence; as a result, the CIA had to recall some of its
agents.
The principle underlying the intelligence community
anywhere, including in Israel, is that as soon as there’s a fear that hacked
information has reached hostile or any foreign parties, extra precautions must
be employed so as not to endanger its personnel. For this reason, in numerous
cases in the past where there was the suspected exposure of networks of agents
run by Israel in foreign countries, especially hostile ones – not only was the
affected network shut down, but also any others with contacts to it.
Who’s meddling here?
In the course of the groundhog day 2019-20 election
campaigns in Israel, there have been several incidents emitting a nasty stench
of political espionage. Even before this, then-Police Commissioner Roni
Alsheich had charged in a television interview that an unidentified person had
hired private detectives to keep tabs on the investigations into suspected
crimes committed by Prime Minister Netanyahu. Netanyahu, who has now been
indicted for the crimes, and his Likud party, vehemently denied the
accusations.
In November 2018, a hastily constructed website in Panama
published a false report that former Mossad director Tamir Pardo had claimed in
a lecture at Harvard that former Defense Minister Avigdor Lieberman had
resigned because he was suspected of being a Russian spy. Thereafter,
Lieberman, who is proud of having an ancient cellphone rather than a
smartphone, claimed that this wasn’t an isolated incident; unknown individuals
had also tried to hack into his Yisrael Beiteinu party’s computers to disrupt
its April 2019 election campaign.
Then came the bizarre hacking of Kahol Lavan Chairman Benny
Gantz’s cellphone before the April 2019 election and its exposure in the media.
Even today, it’s still not clear whether Iran was really behind that act, or
whether someone had leaked the information to Tehran to cover his tracks.
Israel likes to boast of its cybersecurity industry and of
being at the forefront of global technology. Moreover, at least seven public
agencies are engaged in cyberwarfare and information security for both
defensive and offensive purposes: the National Cyber Directorate, the Mossad
and the Shin Bet (these three are all under the prime minister’s auspices);
Military Intelligence (under the IDF’s responsibility); and the Defense
Ministry’s department of field security. In addition, there are the Atomic
Energy Commission, the Justice Ministry’s Privacy Protection Authority and the
Central Elections Commission.
Once the incidents mentioned above became known, all the
relevant agencies should have conducted a thorough investigation. After all,
the victims – whom someone evidently wanted to smear – were a former defense
minister, a former Mossad director and a former IDF chief who is now running
for prime minister, as well as the Israeli electoral system as a whole.
However, the recent breaches involving the Elector app,
despite attempts to downplay the damage, are on a completely different scale:
They affect every Israeli citizen. From this standpoint, they recall the
Cambridge Analytica scandal. This British company, which engaged in data
mining, data analysis, data brokerage and communications strategies, used
personal information purchased or leaked from Facebook to impact elections
around the world.
Cambridge Analytica was founded in late 2013. It is
partially owned by Robert Mercer and his family, which also owns Renaissance
Technologies, one of the world’s most profitable hedge funds. The family’s
political leanings are extremely conservative; in 2016, it helped Donald
Trump’s election campaign, mainly regarding identification of potential voters.
Elector Software is a small, obscure firm formed just before
the first Israeli election 15 months ago. Its three registered directors are
completely unknown to the public. Another former manager worked in the past for
Likud. The company is registered in a small European city, and now its three
directors have either disappeared or refuse to talk to the media.
When you combine all these facts, and others that haven’t
been publicized – there’s almost no doubt that over the last year, a hidden
hand has been meddling in Israel’s election campaigns.
In any self-respecting democracy, the very day a leak such
as that involving the Elector app became known, all the relevant agencies
mentioned here should have called emergency meetings to determine how and why a
failure of such a magnitude occurred and what its implications are. Moreover,
the heads of the intelligence community, led by Mossad chief Yossi Cohen,
should have convened to consider the severity of the potential harm caused to
defense and security agencies both in the present and in the future.
But Israel with its superfluous and unnecessary number of
agencies dealing with information security, and embroiled in ego and turf wars,
seems to be unmoved. Not to mention the fact that the government has abdicated
its responsibilities in this arena – and not for the first time. Thus, no such
meetings or assessment were ever carried out, and it’s doubtful that they will
be now, either.
In response, Likud said that “Elector is an outside supplier
that provides services to many parties, including Likud. All professional and
legal responsibility devolves upon it. Likud is making every effort, regarding
data related to it and to its voters, to secure the information and ensure its
complete protection in accordance with the law and accepted standards.”
The Mossad, the Atomic Energy Commission, the Shin Bet, the
IDF, Military Intelligence and the Ministry of Defense refused to comment. The
National Cyber Directorate did not respond to questions from Haaretz. Only the
Central Electoral Commission said that the matter is not within their realm of
responsibility. For its part, the Private Protection Authority said that any
breach of privacy and leak of personal details is a serious matter.
Comments
Post a Comment