Former Unit 8200 officer: Iranian cyberattacks' mental effects more significant than their scale

Iran is succeeding in disrupting websites and causing minor disruptions of operations at ports, but not in causing significant infrastructure damage.

A man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017. (photo credit: KACPER PEMPEL/ILLUSTRATION PHOTO/REUTERS)

Israel is still routing Iran in the real-world impacts of cyberattacks, even if the Islamic Republic has rallied to cause increased harm to Israeli websites and through its social media influence campaigns, former IDF Intelligence Corps Unit 8200 Col. (res.) and Team 8 Chief Ideation Officer Bobby Gilburd said.

Speaking to The Jerusalem Post following Team 8’s recent report relating to artificial intelligence (AI) and business issues, he said, “We need to separate the psychological campaign” from the campaign to damage actual physical world functions.

Gilburd had been asked to address a series of Iranian cyberattacks discussed in comprehensive detail by former deputy National Security Council chief Chuck Freilich in his INSS book The Iranian Cyber Threat.

Freilich relates how in 2022 alone, Iran-affiliated APT34 disabled air traffic control at Ben-Gurion Airport for several hours, leading to numerous flight cancellations; an IRGC-affiliated attack led the Israel National Cyber Directorate (INCD) to declare a state of emergency when the attack disrupted websites for the Prime Minister’s Office and other government websites; and the “Hackers of Saviors” disrupted the operations of a logistics firm at the port of Ashdod.

“The social media influence campaign is important, and bringing down the internet website of government ministries and [minor issues at] Ben-Gurion Airport lends itself to good photos and it shouldn’t happen – and there should be an investment to defend the websites – but Israel is still not getting hit like Iran, where their supply at gas stations got hit,” Gilburd said in response, referring to claims made by foreign sources.

Former IDF Unit 8200 Col. (res.) and Team 8 Chief Ideation Officer Bobby Gilburd (credit: TEAM8)

“The basic functioning of the [entire Iranian] gas distribution system [nationwide] was impacted in a way that civilians really felt it. This was a serious harm,” the former Unit 8200 senior officer stated.

“So yes, they [Iranian affiliated hackers] succeeded, but [the Israeli] people don’t feel like the government is unable to defend us,” he said, in contrast to regular Iranians feeling very vulnerable to Israeli cyberattacks in the physical world.

Defending this position, he noted how Israelis have not only not slowed, but have continued to speed up their transition to running more of their lives using digital means.

More Israelis are “moving their electricity to a smart digital counter. This is a good trend. It is also more vulnerable to a cyberattack, but Israelis do not consider this transition to be a source of concern which Israel is unable to defend against,” Gilburd said.

“In Iran, people feel unprotected in the digital domain.”

October 7 – and the war

MOVING ON to discussing the current war, he said that he spent six weeks back working for Unit 8200 starting from October 8 and that it was a powerful experience.

“I would go out from super important Unit 8200 meetings to speak to private sector customers, mostly companies in the US and the EU, as if it was business as usual. We needed to present that” as a feeling of security for the clients – that their needs would be addressed despite the war.

“We also didn’t cancel events, though we did change their structure,” he said.

After some experiences where Zooms with clients were disrupted by air raid sirens, Team 8 moved all of its meetings to a secured room so that there would be no need to move even during a siren.

Eventually, many people started to return closer to regular hours at the office, though some in reserve units did not come back until early March, as the pace of the war started to slow.

“There is a resilience [for the society] from the economy,” he stated. “The security resilience has been harmed, but we cannot let the economy be harmed. We are fighting the war for people to live – that means to prosper and flourish.”

Questioned about some of the October 7 intelligence failures placed by many at Unit 8200’s feet and whether it could probe itself and improve, Gilburd was unequivocal.

“Unit 8200 will rehabilitate itself. From the first day, people adapted to both continue the fight and take responsibility [for October 7]. Everyone says something was not acceptable, at every rank and level. We needed to accomplish something, and it did not work. There will need to be a different political leadership. The IDF and Unit 8200 also took responsibility. But they have the capability both to probe and to fight because we need to fight,” he said.

“We will carry out a probe not just to say who failed, but also to make sure that any problem from October 7 does not recur tomorrow,” Gilburd said.

“I served for 26 years, and the IDF knows how to perform probes and take them seriously to get to the root causes of an issue. And the IDF can change. I am calm and think the IDF can do two things at the same time.”

Gilburd was released from the IDF in July 2022.

REGARDING THE media leaks against specific IDF officials, he said he was “sure they are not from the IDF. No one throws others under the bus.”

For example, he noted that “[IDF intelligence chief Maj.-Gen. Aharon] Haliva said first ‘I am responsible,’” before he said anything else (Y.J.B. – Haliva also subsequently resigned).

Understanding the state of cyber war with Iran and how Unit 8200 or top Israeli political or business leaders can best perceive future threats and opportunities all connects back to the key findings of a recent Team 8 report relating to AI and business issues. These findings include that 94% of Chief Information Security Officers said they are using integrated business intelligence, with over half saying they are heavily using machine intelligence platforms.

They listed the three largest cyber security challenges as: the democratization of information (54% of CISOs named this as a major challenge), the quality of data (also 54%), and those in society who ignore data (39%).

Aviad Harel, managing partner of Venture Creation Enterprise at Team 8 who led the study, said that “at the end of the day, everything starts and ends with data, and the area of data is the most profound challenge for modern organizations, especially in science and technology. This goes along with the increasing requirement for efficient and correct usage of the data.”

Some “organizations are adopting the approach of having Data Driven decisions even as a strategic basis for their core business strategy and budget,” Harel said, adding that “organizations which adopt AI technology into their data gathering apparatus in a smart and efficient way, will have a notable competitive business advantage.”