Elections under the Cyber Threat & the Digital Revolution in the IDF

Cyberspace has come to play a major role in our life, as the recent election campaign has so vividly demonstrated. Also, the IDF is planning a revolution that would lead to the use of standardized digital information throughout the military. Amir Rapaport's weekly column

bechirot21.bechirot.gov.il

Cyber has played a more important role than ever before in this recent election campaign, but things could have been much worse. The trend is clear, however: in the next elections, cyber will play an even more significant role.

So how much has cyber actually affected the 2019 elections?

To answer this question, a clear distinction should be made between cyber events consisting mainly of unauthorized hacking into computer systems and databases in an attempt to disrupt the voting process or to manipulate it, and activities other than hacking which still take place in cyberspace, where millions of individuals are interconnected, and where the main thrust of the election campaign has actually taken place.

Let's start with the hacking events: as cyberspace is relatively new, and general elections where cyberspace played such a major role have never been held in Israel, coordinating the cybersecurity arrangements between the various organs was an "on the fly" effort that had not been fully clarified or finalized.

Generally, the National Cyber Directorate was in charge of directing the cybersecurity effort for the election campaign. The Directorate is subordinated to the Prime Minister's Office and operates the national cybersecurity center – CERT-IL (Computer Emergency Response Team), located in Be’er-Sheva.

The Head of the National Cyber Directorate, Yigal Unna (formerly the Head of ISA's Cyber Division) had determined early on that CERT-IL would not deal with "gray" activity in social media, like the employment of bots in an attempt to manipulate public opinion through the use of fake user profiles. Instead, it would focus on preventing hacks into the computerized election systems and political party HQs.

As always, the ISA was responsible for providing protection against hostile elements, as a disruption of the election process by a foreign element could be regarded as a terrorist attack to all intents and purposes. At the same time, the Central Election Committee (an independent organ) hired Buky Carmeli as a special cybersecurity consultant. Carmeli had headed the National Cybersecurity Authority which was disbanded in 2018 and assimilated in the new Cyber Directorate.

Carmeli was the only person who addressed the issue of cyberspace and the elections publicly, when he stated: "In cooperation with the Chairperson of the Election Committee, we charted five different systems associated with the family – storage, data, communication and dissemination. Protecting these systems is essential for properly preparing for the elections, as well as during the elections and even after the elections."

The Central Election Committee assumed responsibility for the "gray area" when it compelled the political parties to formally stand behind any statement, publication or advertisement on their behalf, including posts in social media, so as to fight the "bots" phenomenon. As far as the general public was concerned, the cyber issue made the headlines in the context of the elections for the first time in January, when ISA Chief Nadav Argaman warned against the intervention of a foreign country in the campaign.

Argaman probably referred to Iran, as well as to the hacking of the mobile phone of Benny Gantz. Until Amit Segal reported the hacking on Channel 2 News, only very few individuals had received the information, mainly as "Black" classified material, namely – it had been reported under a very high security classification with Gantz's name "blackened" – obscured and not revealed to the recipient. The information was reported to some high-ranking officials (probably including the Prime Minister, for whom no information is classified, in principle) and to Gantz himself.

Either way, as far as the national cybersecurity setup was concerned, the election campaign for the 21st Knesset had, in fact, started back in March 2018. Back then, the actual date of the elections was not yet known, but it was clear that the elections would be held in 2019 in any case (at the latest – at the original date, in November). Consequently, the people of the cybersecurity setup assembled the representatives of the various political parties and briefed them on how to prepare for the elections.

One of the scenarios presented to them was a hack that would yield embarrassing information about one of the candidates, and have it disseminated to the public – an approximate description of the actual case involving candidate Gantz (for a while, there were concerns about the material being disseminated). The "Kachol-Lavan" party had not yet existed back then, but the representatives of the "Yesh Atid" party, which eventually became a part of "Kachol-Lavan," did attend that meeting.

What did the various parties do with the recommendations they had received? It is hard to tell. "Hossen Le-Israel" (the original incarnation of the "Kachol-Lavan" party) considered, in any case, hiring cybersecurity services, probably after having been notified of the hack into Gantz's mobile phone, but rejected a proposed plan submitted to it, probably owing to price and priority considerations. When the party decided not to endorse the proposed plan, the story of the hack into Gantz's phone had not yet become a matter of public knowledge.

The Election Week

Software products used to concentrate the results from the polling stations were checked repeatedly and attempts were initiated to hack them in order to spot vulnerabilities. When the summing-up of the final results encountered disruptions, there were concerns that a cyberattack had, indeed, taken place. While the final estimate was that the counting of votes had not been disrupted, no one will ever vouch for that: the fear of a sophisticated intervention that leaves no trace in the elections will always linger, worldwide. In the USA, many people still believe that the results of the presidential elections were manipulated in favor of Donald Trump through cyber measures.

Either way, during the week of the elections in Israel, the National Cyber Directorate operated its assets as in a military operation. Not less than 20 individuals working at the control center of the Central Election Committee at the Knesset were Directorate employees. Their name tags did not reveal that fact, so as not to create the public impression that the elections were taking place under a cyberattack.

As far as the legitimate cyber aspects of the election campaign are concerned, the 2019 elections provided an enlightening demonstration of the influence of cyberspace on this field in our life. Politicians' visits to town squares and open-air markets were out; digital storms, fake news and sophisticated campaigns segmented by public audiences and sectors were definitely in, but that merits a separate article.

Digital Transformation in the IDF

Meanwhile, cyberspace has come to play a more important role in the IDF, too. Apparently, the process has gained considerable momentum since Aviv Kochavi became Chief of Staff.

The formative event, as far as Kochavi was concerned, occurred when he had been sent, as the commander of the Paratrooper Brigade, almost without any relevant intelligence, to dominate the Kasbah in Nablus during Operation Protective Shield. After the operation, Kochavi made inquiries and realized that "golden" materials had been available at the various command centers, mainly at the IDF Intelligence Directorate / GHQ and at IDF Central Command – but were not delivered to him on the ground.

Consequently, in his subsequent positions, as the commander of the IDF Gaza Division, as the commander of IDF Northern Command and mainly as the Head of the IDF Intelligence Directorate, Kochavi developed a "fetish" for improving digital warfare. He even devised and developed the activity known as Intelligence-Based Warfare, which consists primarily of "pumping" the intelligence available all the way to the smallest detachments on the battlefield.

At this point we can report that Kochavi is planning yet another revolution, known as the "Digital Transformation." Essentially, it consists of the transition to the use of standardized digital information by the entire military. This process will prove to be miraculous when even the IAF and the Intelligence Directorate, too, are connected (through secure channels, naturally) to the other elements of the IDF. For the purpose of this revolution, Kochavi may appoint a brigadier general to lead this activity within the IDF C4I Directorate. The IDF General Staff will probably finalize the details very soon.

You might be interested also