• Sina@beehaw.org
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    I think the problem is that the people in charge of running the surveillance never considered a coordinated cyber attack like this ever occurring, It’s the good old contempt issue.

    Building a cyber attack resistant surveillance system is not that difficult, the infrastructure cost is significant, but I’m sure when the dust settles they’ll fix this weakness.

  • emma@beehaw.org
    link
    fedilink
    English
    arrow-up
    13
    ·
    1 year ago

    This just happened. It’s far too early to do more than speculate.

    Like we can also connect dots from known things like FBI agents being killed because Trump leaked documents, his connections with Russia directly and thus Iran, to the possibility that information also leaked which compromised agents acting on Israel’s behalf within Gaza. To be clear, this is also speculation.

    But yeah, we can create all sorts of scenarios based on bits of information and our biases and ways of looking at the world. We’ll never know everything which factored in.

    • TheButtonJustSpins@infosec.pub
      link
      fedilink
      English
      arrow-up
      31
      ·
      1 year ago

      THE GAZA STRIP is one of the most densely populated areas on the planet. It’s also one of the most heavily locked down, surveilled, and suppressed. Israel has evolved an entire intelligence apparatus and aggressive digital espionage industry around advancing its geopolitical interests, particularly its interminable conflict in the Gaza Strip and the West Bank. Yet on Saturday, Hamas militants caught Israel unaware with a series of devastating land, air, and sea attacks, killing hundreds of people and leaving thousands wounded. Israel has now declared war.

      Hamas’ surprise attack on Saturday is shocking given not only its scale compared to previous attacks, but also the fact that it was planned and carried out without Israel’s knowledge. Hamas’ deadly barrage underscores the limitations of even the most intrusive surveillance dragnets. In fact, experts say the sheer quantity of intelligence that Israel collects on Hamas, as well as the group’s constant activity and organizing, may have played a role in obscuring plans for this particular attack amid the endless barrage of potentially credible threats.

      “There’s no doubt that the scale and scope of this Hamas attack indicate just a colossal intelligence failure on behalf of the IDF [Israel Defense Forces] and in Shin Bet, the internal security agency,” says Raphael Marcus, a visiting research fellow at King’s College London’s Department of War Studies who focuses on the region. “They have such technical prowess and also a legacy of excellent human source capability.”

      Israel is known for heavily monitoring Gaza and anyone who could be connected to Hamas using both traditional intelligence-gathering techniques and digital surveillance like facial recognition and spyware. Israel has proved its hacking skills and technical sophistication on the global stage for years, participating in the development of innovative malware for both digital espionage and cyber-physical attacks. The fact that Hamas was able to plan such an unprecedented and complex attack speaks to the limitations and inevitable blind spots of even the most comprehensive surveillance regime.

      Jake Williams, a former US National Security Agency hacker and current faculty member at the Institute for Applied Network Security, emphasizes that when you have a firehose of intelligence streaming in from an array of sources, and when the climate is as fraught as that between Israel and Palestine, the challenge is organizing and parsing the information, not gathering it.

      “Intelligence in an environment like Israel isn’t finding a needle in a haystack—it’s finding the needle that will hurt you in a pile of needles,” Williams says. “Given the number of Hamas members involved in the invasion, it’s not plausible to me that Israel missed every human intelligence reflection of the planning. But I feel confident that there are always Hamas operatives talking about credible plans to attack the IDF. So Israel can’t respond with force to every threat, even every credible one. They’d be at a heightened state of alert or actively engaged all the time, and that’s probably actually worse for security.”

      Though details of exactly how the attack happened are still emerging, it seems that oversights related to grappling with this signal-and-noise conundrum played a role.

      “In retrospect, there was some information, but, like happens in all intelligence failures, it wasn’t given sufficient consideration. It was misunderstood,” says Chuck Freilich, a former Israeli deputy national security adviser. “I think in the last days, from my understanding, there were some warning signs. And actually, the intelligence establishment had been warning for the past about half-year that there was going to be a significant conflict with Hamas, that they were bent on escalating the situation. But then they misread the signs.”

      Colin Clarke, the director of research at the Soufan Group, an intelligence and security consultancy, says the Hamas attack would have “required months of preparation” and intelligence failures likely happened with both human intelligence and signals intelligence, where electronic and communications data is collected. “I’m still astonished that a breakdown in intelligence occurred at this level,” Clarke says. “I don’t think anybody, including the Israelis, were prepared for an operation this complex and multi-pronged.”

      Crucial intelligence oversights could have happened as the result of numerous intersecting failures, says King’s College London’s Marcus. The Israeli intelligence apparatus may have misunderstood Hamas’s intentions, misread the context of crucial leads, been distracted by Israel’s political efforts with Saudi Arabia, or been grappling with domestic challenges. Israeli forces have complained, for example, of a brain drain from the IDF as individuals get pulled toward the private sector.

      “I think that this wasn’t just a military failure—I think that this was a dramatic failure of national leadership,” says Freilich, who authored Israel and the Cyber Threat: How the Startup Nation Became a Global Cyber Power. The ambush calls to mind the outbreak of fighting during Ramadan in October 1973 in which an Arab bloc targeted Israel with a surprise attack on the Jewish holy day Yom Kippur to set off nearly 20 days of fighting.

      Palestinians in occupied territories, including the West Bank and Gaza Strip, have faced surveillance and controls for years, with many calling the conditions an apartheid. In September 2021, Israeli forces announced the completion of a 40-mile-long barrier around the Gaza Strip—the sliver of land between Israel, Egypt, and the Mediterranean Sea—that is essentially a “smart wall” equipped with radar, cameras, underground sensors, and an array of other surveillance instruments.

      “Palestinians are subjected to multi-layered surveillance,” says Mona Shtaya, a non-resident fellow at the Tahrir Institute for Middle East Policy. “Various surveillance technologies are employed against Palestinians, including drones, mobile bugs (spyware) that have previously been uncovered as being injected into electronic devices prior to entry into the Gaza Strip.”

      Shtaya adds that CCTV cameras are placed at entrances to the Gaza Strip, and that there is “continuous” online surveillance of people in the occupied areas. “It would not be an exaggeration to say that Palestinians are under surveillance in nearly every facet of their lives,” she says.

      Such persistent surveillance can make people change their behaviors and limits freedom of expression and speech. “We can observe this phenomenon when people communicate with their families over phone calls or when they post content online, as they may alter certain keywords,” Shtaya says.

      As Hamas attacked Israel on Saturday, videos emerged of a brute force approach: a bulldozer breaking through portions of the fence as hundreds of militants stormed into Israel using motorbikes, boats, and apparently paragliders. Haaretz reported on Sunday that Hamas was able to gain so much ground because of IDF logistics issues in addition to intelligence failings.

      While Israel’s technology industry has helped create many surveillance capabilities and pushed the global industry forward, Hamas, which is sanctioned as a terrorist organization in the US, also uses some digital tools in its operations. The group has leaned heavily on distributing its propaganda through radio and TV to legitimize its rule in Gaza, while it utilizes social media to a lesser extent, according to a review by the Center for Strategic and International Studies earlier this year. Still, Hamas has used fake Facebook accounts to lure Israeli soldiers into downloading data-stealing apps, and has distributed fake dating apps that are really spyware. In 2019, Israeli forces bombed a building they claimed housed a Hamas hacking group.

      Multiple sources tell WIRED that they suspect Iran was involved in helping Hamas carry out its assault on Saturday, given the sophistication and intricacy of the attack. Iran has long-standing ties to Hamas, and its officials have praised the recent attacks.

      As the conflict ramps up into full-scale war, there is significant concern about the number of civilians impacted, with Amnesty International saying it is “deeply alarmed” by the civilian deaths in Israel, Gaza, and the West Bank. The Hamas assault has killed at least 700 and injured more than 2,000 Israelis on Saturday, according to the latest available figures. Video footage and reports shared online depict Hamas gunmen killing civilians, leaving bloody bodies scattered through the streets, and taking dozens of hostages. In response, Israel is launching large-scale airstrikes against Hamas targets in Gaza, while working to retake militant-controlled areas and preparing for offensive actions, including a possible ground invasion of Gaza. At least 370 Palestinians in Gaza have been killed and more than 2,000 wounded so far.

      Israel Defense Forces say women and children have been taken hostage. Israel has also cut power to Gaza and internet monitoring firms say there has been a decrease in connectivity. As the fog of surveillance gives way to the fog of war, the current situation in Israel serves as an important illustration that unrelenting surveillance does not equate to or guarantee security.

      Additional reporting by Morgan Meaker

      • erez@programming.dev
        link
        fedilink
        arrow-up
        9
        ·
        1 year ago

        It’s too early to know what was the cause of the intelligence failure. But I wouldn’t be surprised if it was because Iran introduced new technology and protocols, that went unnoticed below the usual chatter.

        Israel Defense Forces say women and children have been taken hostage.

        Odd phrasing. Hamas confirmed it, and there are videos and photos proving it to be the case.

        • SenorBolsa@beehaw.org
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          I think that’s just a case of cautious journalism, that’s the source they had and they were too lazy or didn’t have time to obtain more for this article. Understandably it’s not really what this article is focused on.

      • intensely_human@lemm.ee
        link
        fedilink
        arrow-up
        17
        ·
        1 year ago

        And in addition to not equaling increased security it sounds like a policy of indiscriminate information gathering, via total surveillance nets, results in processing overload that prevents threats from being detected and responded to.

        So it sounds like the article argues not only for a lack of benefit from increased surveillance, but also for a potential positive danger from it.

        • Sonori@beehaw.org
          link
          fedilink
          English
          arrow-up
          16
          ·
          1 year ago

          Clearly, the only answer is AI. I don’t know how an unreliable autocomplete will help with this, but I am willing to pocket a massive amount of taxpayer money in the attempt./s