27 July 2015

Training Israel's cyber warriors

Yoav Zitun
07.24.15

Inside IDF computer labs, troops use a model city to practice creating mayhem: Causing a nuclear reactor to overheat, taking over traffic lights and rail, cutting power, hacking missiles, creating chaos in the stock market, and more – all in preparation for the next major conflict.

Far from troops' training fields, inside air-conditioned and apparently innocuous computer labs in Tel Aviv's Ramat Gan neighborhood, the IDF prepares for a nontraditional type of warfare – the cyber war that is sure to be a major component of future major conflicts.

Graduates of the cyber warfare course in the Computer Services Directorate have built a model city they use to rehearse diverse missions like halting the cooling process in a nuclear reactor, remotely taking over trains and traffic lights to cause accidents, taking control of stock exchange computers, cutting electricity, disabling radar systems at airports, and even taking control of anti-air missile systems in order to fire them at cities they were meant to protect.

The IDF is looking towards the war of the future.

Remote control of... (Photo: IDF Spokesman, Yoav Zitun)

One of the goals of the model city is for troops to practice creating sophisticated codes designed to remotely control computer systems.

"We just recently finished training the seventh graduating class of cyber warriors and have adapted our teaching methods better," said Major G., the course commander. "The soldiers have more experiences with the fundamentals of attack, in order to understand the other side's mindset. During Operation Protective Edge, there were attempts to attack Israeli infrastructure, which demanded cooperation between many elements and bodies to stop the attacks. Today we are much more active and no longer for attacks."

One of the course instructors is K., 19, who reminds his students of mysterious cyber attacks like the Stuxnet worm that infested Iran's nuclear facilities several years ago.

"In many industries there is a certain component that connects all the systems, even in elevators or in trains, and so Stuxnet attacked the centrifuge generators in Iran. As warriors, we develop scenarios to simulate dealing with such attacks, how to regain control of the system that was attacked and even create an ultimatum for the other side.

The IDF believes that in the event of a Third Lebanon War, Hezbollah will attempt to launch GPS-guided missiles or suicide drones at strategic targets like Reading Power Station in Tel Aviv to cripple the power supply to tens of thousands of households in the area. Iron Dome and David's Sling will be there apparently, in order to shoot down the threat while it's in flight. On the ground in south Lebanon, paratroopers will conduct maneuvers to destroy the launchers, and other launchers will be attacked by IAF planes.

The stock exchange (Photo: IDF Spokesman, Yoav Zitun)

But what happens if an attack on a critical, national asset is covert, silent, alarm-free and sudden, without shooting a single rocket?

Soldiers trained by the Computer Services Directorate know full well that the day will come when they will protect more than the military's computerized systems. The networked IDF has become a faster, deadlier military – but also a more vulnerable one.

The chief of staff directs the war at general headquarters via advanced programs and huge screens. The battalion commander uses the small display he can see through binoculars. Military intelligence sees the IAF and the armor fires only after a screen in the tank shows where the soldiers are located.

And the train (Photo: IDF Spokesman, Yoav Zitun)

And the enemy, be it Iran or a Palestinian hacker in a Gaza house or a Chicago garage, wants to knock the IDF out with the push of a button.

Israel's official policy is that any vital body, private or public, that is necessary for continuity of the state's functioning, is required to protect itself from cyber attacks, according to Shin Bet orders. The electric and water companies, banks, and even mobile networks are some of the businesses that must meet this requirement.

But when the day comes that an organization or state launches a cyber campaign against Israel, the cyber warriors will not sit by idly.

No comments: