Cyber Intelligence: When Technology Becomes the Battlefield
Cyberspace is now considered the 5th battlefield, central to intelligence and offensive cyber operations
Over the past two decades, the digital era has transformed how societies interact and operate. Technologies like social networks, IoT (Internet of Things), and blockchain have led to advances, but they also present new vulnerabilities. Armed forces and terrorist organizations increasingly exploit these in conflicts. As technology progresses, cyberspace has become the fifth battlefield, central to intelligence and offensive cyber operations. Today, many governments, militaries, and even terrorist groups maintain cyber units with varying capabilities, constantly targeting their enemies’ technologies, systems, and networks to extract intelligence or sabotage infrastructure.
Social Networks and Apps
Social networks and messaging applications are key sources for cyber intelligence operations. Terrorist groups and state-sponsored APTs (Advanced Persistent Threats) often exploit these platforms through social engineering and phishing, aiming to infect devices with spyware. Hamas and Hezbollah have notably used these methods to target Israeli soldiers and officials, while Iran and Russia have engaged in similar operations. Although platforms work to detect fake profiles, advanced fake profiles are still difficult to detect, especially those enhanced by artificial intelligence.
Threat actors use psychological tactics, often employing emotional manipulation to trick their victims into risky behaviors. They leverage emotions like fear, curiosity, excitement, guilt, anger, and sadness to encourage impulsive actions. Urgent requests are another common tactic to prompt victims into quick, unconsidered responses. In-depth research into the victim’s online behavior allows attackers to create credible fake profiles, fostering trust and ultimately breaching their target’s defenses.
IoT devices, such as smartphones, smartwatches, CCTV cameras, and sensors, have become integral to daily life, but this dependency creates serious security risks. Many military, civilian, and terrorist groups now target IoT devices in cyber operations, exploiting their vulnerabilities. These devices are often less secure than larger systems like servers or computers due to weak passwords, lack of updates, insecure communications, and weak authentication mechanisms.
Before October 7, 2023, the IRGC (Islamic Revolutionary Guard Corps) and Hamas hacked Israeli video surveillance cameras, gathering intelligence on infrastructure and communities. Similarly, Russian intelligence hacked Ukrainian surveillance cameras during their conflict. Threat actors use various techniques to exploit IoT devices, including denial-of-service (DoS) attacks, which flood devices with traffic, rendering them unusable. Malware attacks, such as spyware or ransomware, are also common, extracting sensitive information or disabling devices.
In 2018, Hamas attempted to infect Israeli smartphones with spyware disguised within the RedAlert app, which alerts citizens to missile launches. In 2022, both Russia and Ukraine used cell phones to track enemy locations and extract data to coordinate attacks. In 2023, Iranian military intelligence, in collaboration with Hezbollah’s cyber unit, attempted to hack Israel’s Ziv Medical Center. Though the attack was foiled, the hackers accessed private data stored in the hospital’s systems.
Supply chain attacks are another effective method. Modifying hardware before devices reach their destination can provide hackers with long-term access to sensitive information. Hezbollah has reportedly tampered with pagers used in its operations, showing the efficacy of such attacks.
The Future Battlefield
As technology advances, military forces must prepare for a battlefield increasingly dominated by cyber operations. Networks and IoT devices will remain prime targets for both military forces and terrorist organizations. Even outdated technology can become a vulnerability if exploited creatively by determined adversaries.