Archive for September, 2010

IDF Cyber Warfare Unit 8200 Press-Ganged Felonious Hackers and Pedophiles for Service

Thursday, September 30th, 2010

OK, that headline was a bit extreme.  There’s only three known sex offenders in Unit 8200.  But there are quite a few hackers with dubious pedigrees who’ve been press-ganged into military service there according to the Telegraph:

Israel demonstrated its intent to conquer cyber warfare in the 1990s by presenting the country’s legions of hackers with a choice between prison and working for the state.

Thousands are said to have signed up since then and have been incorporated into the defence forces Unit 8200.  In the intelligence community it is regarded as a singularly Israeli act of bravura that has given the country an edge in a world that has been rapidly immersed in cross border technology attacks.

Hackers, who invariably learn their skills engaging in illegal activity as teenagers, offer key advantages to countries seeking to defend against cyber warfare, or go on the offensive against an enemy.
The Negev desert based Unit 8200 has evolved from the signal intelligence arm of the Israeli military into a respected leader in high technology warfare.

It’s being mighty charitable to call dragooning computer criminals into military service “an act of bravura.”  I’d call it closer to the strategy of the Berlin police department in the film, M, where it enlists rapists, pedophiles and stick-up artists to find the murderer of a young girl.  And the question is: do you want former criminals with borderline pasts and personalities leading your country’s efforts to keep it safe from the really bad guys?

Here’s an example of what some of that borderline personality brings to the table.  Haaretz reports that a soldier in the unit has been accused in court of sexual harassment for video calls he made on his cell phone.  A girl went to her local police station complaining that she was receiving video calls from a number she didn’t recognize in which a man exposed himself and engaged in a sex act.  The suspect is a Haredi Jew from Bnai Brak.

The article continues (in Hebrew):

This isn’t the first time soldiers serving in Unit 8200 have been accused of such crimes.  Last December, a First Lieutenant in the unit was arrested on suspicion of engaging in acts of pedophilia through the internet…The officer explained that he was a babysitter for children during which time he exploited the situation to engage in such acts.

Last July, another officer in the unit was arrested after he assaulted two young women in the street.

Lest anyone think I’m claiming Unit 8200 is composed of the dregs of Israeli society, of course that isn’t entirely true.  Clearly, creating malware as complex and ambitious as Stuxnet, if it was created by the IDF, is not something written by a ‘script-kiddie.’  It’s very serious work composed by very serious programmers.  But I am trying to point out that Israel’s culture of going for broke in its pursuit of tactical objectives, and its willingness to break societal norms and lower the inhibitions to engage in such acts of sabotage, piracy and even violence, lead you inexorably to stories like the ones above.  Recruiting anti-social hackers for military service makes perfect sense for a country many consider anti-social (or even sociopathic) in international terms.

Returning to the computer worm, Stuxnet, reputed to be the handiwork of some of these fine lads, China is reporting a massive infestation of the pest, which is reputed to have caused great damage:

A computer virus dubbed the world’s “first cyber superweapon” by experts and which may have been designed to attack Iran’s nuclear facilities has found a new target — China.

The Stuxnet computer worm has wreaked havoc in China, infecting millions of computers around the country, state media reported this week.

“Once Stuxnet successfully penetrates factory computers in China, those industries may collapse, which would damage China’s national security,” he added.

Another unnamed expert at Rising International said the attacks had so far infected more than six million individual accounts and nearly 1,000 corporate accounts around the country, the official Xinhua news agency reported.

Another Chinese source consulted in the article downplayed the seriousness of the threat.  This repeats a pattern seen in Iran in which government officials acknowledge serious damage to the country’s nuclear facilities from the worm only to be contradicted by other sources.  I’m inclined to credit the sources acknowledging damage as these are the types of countries which would be loath to present a vulnerable face to the world.

Israeli Military Breaks Into Silwan Home, Beats Up Brother of Murdered Resident

Thursday, September 30th, 2010

Israeli Border Police near site of yesterday's assault on Sirhan home

Not content merely to have murdered Samar Sirhan last week at the hands of a trigger happy settler security guard, Israel’s hallowed Border Police added insult to injury by breaking into the Sirhan home yesterday morning at 2:30AM where they promptly severely beat several of his brothers and arrested one of them who required nine stitches for his injuries.

What possible pretext can these heartless goons have for exacerbating the suffering of this family?  Clearly, all Israel including its Jewish residents knows the killing was murder.  They’ve seen the live video of the shooting scene.  They know the guard and police story don’t wash.  They know the family is pressing for justice.  This is a naked projection of brutal power to cow the family into submission.

Hey, does everyone here remember the Jerusalem police’s newly appointed “Arab liaison,” Doron Zahavi aka “Captain George?”  The one notorious for arranging for the sodomization of Mustafa Dirani when he helped run an IDF military intelligence detention center a few years ago?  This is the kind of excellent community liaison work for which Zahavi can doubtless take credit.  I believe this is called “pacification,” Israel style.

Here is Joseph Dana’s account of police brutishness during recent disturbances in Silwan following Sirhan’s murder:

Recently, I was on the ground and witnessed soldiers urinating and defecating on the roofs of private Palestinian homes, throwing bottles (water and beer) on to Palestinians pedestrians on the street and breaking windows left and right. From the ground [live] I tweeted:

“Soldiers are trashing roof tops with urine and feces in Silwan. We are cleaning up and putting the waste in front of the settler house”

“The police have no shame at all. They have broken a window now and poked their heads into the house demanding coffee”

“They are also throwing bottles from roofs on to the main streets.”

If you are a Jew and supporter of Israel’s current government and policies, how much longer can behavior like this go on in your name?  Will you say, ‘Enough?’  Ever?

Mossad Threatens Life of Dubai Police Chief Investigating al-Mabouh Assassination, New Suspect Arrested

Thursday, September 30th, 2010

Dubai to Mossad: 'You ain't seen nuthin' yet!'

Israel’s Mossad, not one to be toyed with when it comes to foreigners pursuing its agents or stepping on its toes, twice threatened the life of Dubai’s police chief, who is investigating the Mahmoud al-Mabouh assassination likely carried out by Israel’s foreign intelligence service last January.  France24, quoting al-Ittihad, reports the first threat was made shortly after the police chief revealed that it had photographs of virtually every agent involved in the hit and would pursue them through Interpol and every means at its disposal.  According to the report, the threat said:

“Protect your back if you were capable of leaving your tongue loose.”

The chief says that United Arab Emirates traced the threat to its source in the Mossad.  The second threat was conveyed by a western Dubai resident with dual passports to the police chief’s close relative and former Emirati official:

The second threat, the paper said, was a telephone call to one of Khalfan’s relatives, a retired top Emirati official, from a “Westerner with a dual passport” whom, he said, had asked “my relative to advise me to remain silent.”

It was later proved that the caller was a retired Mossad agent, he added.

To paraphrase Neil Young: “Rust, and the Mossad, never sleep.”  But luckily it appears that Dubai’s intelligence service doesn’t either as an unnamed western country has arrested another of the Mossad agents behind the al-Mabouh killing.  Watch this blog space for future reports on who was arrested and by whom as the story develops.

Poland arrested another of the agents who adopted the fraudulent identity of a real Israeli named Brodzkey and extradited him to Germany, which promptly freed him, upon which he disappeared.  He’s probably sitting on his Tel Aviv verandah sipping nice strong Turkish coffee.

And as Jimmy Durante (I’m dating myself) used to say with a sparkle in his eye and a wag of his head and that massive proboscis: “You ain’t seen nothin’ yet!”

Haaretz’s Melman Suspects Israeli Involvement in Stuxnet

Wednesday, September 29th, 2010

The N.Y. Times offers some intriguing theories and reporting on the Stuxnet worm affair.  Among the tantalizing issues it raises is that the name “Myrtus” (Latin for “myrtle”) has been discovered in the malware’s computer code and may indeed have been the overall name of the project.  Also, one of the code modules was named for Guava, the fruit genus in which the myrtle tree is found.

Those who know their Biblical Hebrew will recall that Queen Esther’s Hebrew name is Hadassah, and that hadas is the myrtle tree.  As John Markoff and David Sanger note in their story, the Book of Esther recounts a preemptive strike by Persian Jews against the rulers of the kingdom who sought to exterminate the country’s Jewish community.  If Israel’s cyber warfare community created this cyber weapon, clearly they would see their efforts in precisely the same vein using computer warfare to preëmpt an Iranian nuclear weapon, which many Israeli leaders have called a method to exterminate not just Israeli, but world Jewry.

The Times story concedes that all this may be a very sophisticated red herring designed to intrigue the world into presuming Israeli involvement.  Along these lines, it’s worth noting that Israelis claiming an affiliation (which I strongly doubt) with that country’s intelligence services offered me what they claimed was the code name of the upcoming attack on Iran: Cyrus the Great.  Again, an intriguing red herring.  But possibly one that Israeli intelligence would like spread around the internet by someone like me as a form of anti-Iran psyops.

The Times story also raises once again, as I have done, the distinct possibility that the IDF cyberwarfare Unit 8200 would be expected to have created this monster if the job was done by Israel.  In an interview with the authors, Haaretz’s respected security correspondent, Yossi Melman, now seems to have adjusted his views and believes that Israel was involved.

Over a year ago, Reuters published a story which clairvoyantly outlined Stuxnet, the Israeli strategy that might’ve created it, and even speculated on the means of delivering the worm which turned out to be prescient:

…Cyberwarfare…is seen by independent experts as the likely new vanguard of Israel’s efforts to foil the nuclear ambitions of its arch-foe Iran.  The appeal of cyber attacks was boosted, Israeli sources say, by the limited feasibility of conventional air strikes on the distant and fortified Iranian atomic facilities, and by US reluctance to countenance another open war in the Middle East.

“We came to the conclusion that, for our purposes, a key Iranian vulnerability is in its on-line information,” said one recently retired Israeli security cabinet member, using a generic term for digital networks. “We have acted accordingly.”

Cyberwarfare teams nestle deep within Israel’s spy agencies, which have rich experience in traditional sabotage techniques and are cloaked in official secrecy and censorship. They can draw on the know-how of Israeli commercial firms that are among the world’s hi-tech leaders and whose staff are often veterans of élite military intelligence computer units.

“To judge by my interaction with Israeli experts in various international forums, Israel can definitely be assumed to have advanced cyber-attack capabilities,” said Scott Borg, director of the US Cyber Consequences Unit, which advises various Washington agencies on cyber security.

Technolytics Institute, an American consultancy, last year rated Israel the sixth-biggest “cyber warfare threat,” after China, Russia, Iran, France and “extremist/terrorist groups.”

Asked to speculate about how Israel might target Iran, Borg said malware — a commonly used abbreviation for “malicious software” — could be inserted to corrupt, commandeer or crash the controls of sensitive sites like uranium enrichment plants. Such attacks could be immediate, he said. Or they might be latent, with the malware loitering unseen and awaiting an external trigger, or pre-set to strike automatically when the infected facility reaches a more critical level of activity.

As Iran’s nuclear assets would probably be isolated from outside computers, hackers would be unable to access them directly, Borg said. Israeli agents would have to conceal the malware in software used by the Iranians or discreetly plant it on portable hardware brought in, unknowingly, by technicians.

“A contaminated USB stick would be enough,” Borg said.

Now, we can say that either Borg was involved in creating or delivering Stuxnet or else he was prescient.  I choose to believe the latter.  It’s also worth noting that Borg understood Israel’s motivation to do this right around the time Stuxnet was created (its first appearance was in 2009, around the time this article was written).  Further, it’s simply astonishing that if an American cybersecurity expert knew in 2009 an infected USB stick could damage Iran’s nuclear plants that no Iranian thought about this and did anything to prevent it.  I would think there might be a few heads rolling in the security offices of Natanz and Bushehr.

An Israeli cyber warfare specialist employed by the Israeli military industry who Markoff and Sanger interview disputes Israel’s involvement.  Frankly, if Israel was involved either this individual or his colleagues, protégés or mentors may’ve played a role in the project, so we have to discount the reliability of his testimony.

The Israeli expert also makes a claim that is disputed by Iranian experts themselves about the behavior of the virus:

Shai Blitzblau, the technical director and head of the computer warfare laboratory at Maglan, an Israeli company specializing in information security, said he was “convinced that Israel had nothing to do with Stuxnet.”

“We did a complete simulation of it and we sliced the code to its deepest level,” he said. “We have studied its protocols and functionality. Our two main suspects for this are high-level industrial espionage against Siemens and a kind of academic experiment.”

Mr. Blitzblau noted that the worm hit India, Indonesia and Russia before it hit Iran, though the worm has been found disproportionately in Iranian computers. He also noted that the Stuxnet worm has no code that reports back the results of the infection it creates. Presumably, a good intelligence agency would like to trace its work.

This strikes me as sophisticated disinformation.  Can any reasonably serious person believe that a project involving scores of programmers working in teams over at least six months aiming to infect Iranian industrial command and control systems was merely “an academic experiment?”  As far as the claim of industrial espionage against Siemens, that too lacks credibility since the worm appears to be benign outside Iran and there are no known cases of real damage outside that country.  Various sources inside Iran have acknowledged such damage (though there are other voices there who dispute this) and we know of apparent sabotaging of Natanz’s centrifuge arrays.

Further, Iranian sources also dispute another claim by Blitzblau, that Stuxnet doesn’t report back its results:

The director of the Information Technology Council of the Industries and Mines Ministry has announced that the IP addresses of 30,000 industrial computer systems infected by this malware have been detected, the Mehr News Agency reported on Saturday.

“An electronic war has been launched against Iran,” Mahmoud Liaii added.

“This computer worm is designed to transfer data about production lines from our industrial plants to (locations) outside of the country,” he said.

Also, in the realm of Israeli disinformation, NGO Monitor’s Gerald Steinberg replied, in an e-mail thread that included me, that his view is that Vladimir Putin did it!  Yes, I kid you not!

In a rational policy analysis, in which there are no good options, the “least bad” option becomes the policy of choice. If this is indeed a cyberattack undertaken by a government body (Putin’s Russia is also a logical candidate), designed to damage the Iranian nuclear weapons development program, and if this strategy was selected following a careful assessment in which the military as well as other options were deemed to be less likely to achieve core objectives at lower costs (including options expected to have ineffective results — sanctions), and if the side-effects, to the degree that they could be anticipated, including “blow back”, were considered in this assessment, then perhaps this is the “least bad option”, given all the factors and available options.

I almost gagged when I read that.  Russia??  What is the guy smokin’?  First, a Russian contractor is building Bushehr.  Why would Putin want to sabotage the work of his own country’s contractor?  Why would he wish to impede the development of a project to which his country and government have devoted incredible amounts of effort, energy, and national pride?  The entire notion beggars belief and sounds to me like Mossad disinformation. The only question is whether Steinberg says these things because he truly believes them or because Meir Dagan wants him to say them.

Yes, it is true that the infection wormed its way into Iran through an infected USB stick from that same Russian contractor.  But this would mean that either the contractor or someone in the Russian intelligence community deliberately infected Iran’s nuclear facilities and did so in a way that was traceable back to it.  This is something the actual creator of Stuxnet would NEVER have done unless he was very stupid.  And whoever created Stuxnet was NOT stupid.

Dungeons of Shabak–Version 2.0 (or 3.0?)

Wednesday, September 29th, 2010

One of the most ‘sensational’ Shabak “spy” (you’ll see why I use quotation marks shortly)  dramas of the past few months has been the “middle of the night” arrest of Israeli Palestinian community activist Ameer Makhoul–with the accompanying arrest of naturopathic pharmacist Omar Said–for allegedly spying against Israel for Hezbollah.  This incident is part of a ritual repeated every few months by Shabak both to cow Israel’s Palestinian population into submission, showing them who’s boss, and also to condition Israel’s Jewish population to suspect the loyalty and trustworthiness of their fellow non-Jewish citizens.  And it works.  Everybody seems to play their part: the Shin Bet parades the suspects and takes credit for protecting the state from treachery; while Israeli Jews (most, anyway) learn the lesson that they should never see their fellow citizens as individuals worthy of respect and equal rights.


Israeli equivalent of the 'Commie Bastard' perp walk of the 1950s (Max Yelinson)

Those who follow such security cases will recall that before Makhoul, we had the case of Azmi Bishara, driven out of his homeland by a secret police ‘investigation’-vendetta which accused him of serious crimes without offering any evidence.  The Shabak allowed him to leave the country rather than prosecute him, all the while trumpeting what a villain he had been.  Those with longer memories will undoubtedly remember similar cases that preceded these.  In fact, most Palestinian Knesset members at one time or another have formal police investigations opened against them based on similar, though slightly less lurid accusations.  As I said, they’re about as regular as clockwork in Israel; something akin to the old FBI perp walks of ‘Commie bastards’ in the 1950s replete with short ‘shifty’ men desperately concealing their faces with their trenchcoats and their fedora.


The search for the bogeyman U.S.-style: the Rosenbergs arrest

A few months ago, I reported here on a new case involving Fada Sha’ar, a 27-year-old from the Golan Druze village of Magdal Shams, accused along with another resident of contact with a Syrian “intelligence agent,” who happened to be the Syrian government official responsible for the welfare of former Syrian residents of the Golan.  The man’s father and mother were also arrested and accused of being his accomplices (more likely the secret police were attempting to exert leverage over him as the FBI did by arresting Ethel Rosenberg in the famous 1950s case).

This alleged intelligence agent had offered the boy help in finding a music school at which the boy could study the traditional Arabic oud.  The funding of his studies by Syria was deemed a treasonous act causing irreparable damage to the State.  On return from a break in his studies in France he was arrested for what in reality amounts to practicing a traditional Arab folk instrument.  Of course, they gussied up the case with reports of secret meetings, threats to kidnap an Israeli soldier, etc.

As I wrote above, it’s as if the Shin Bet case officers are fans of pulpy spy thrillers.  They take a real event like the capture of soldiers along the Lebanese border, dress it up with some updated facts and names, and attempt to pass it off as the latest example of Arab perfidy.  What’s laughably ironic is that if these secret policemen were thriller writers they’d be laughed out of the room by their fellow writers: kidnapping Israeli soldiers?  Been there, done that.  Is that the best you can come up with?  But the Shin Bet knows it doesn’t have to come up with anything truly convincing, it merely has to recycle old stories and a populace conditioned to react with suspicion and horror will, like Pavlov’s Dog, do the same when the conditioned response is properly stimulated.

Now, Ynetnews reports that Sha’ar and his colleague have been indicted and accused of being Syrian agents.  As I wrote in my earlier post, read closely the language (the first example below is my translation of the opening sentence in the much fuller Hebrew version; the second from the English version) used to describe the alleged acts of these individuals and tell me whether Israeli reporters are acting as stenographers for the secret police or whether they are acquitting themselves credibly as members of the Fourth Estate:

Yet another connection between residents of the Golan Heights and Syrian intelligence uncovered.

Madhat Salah [the alleged Syrian handler]…operated both the father and the son who were arrested

What was Sha’ar’s crime?  He is alleged to have conveyed $500 each to three Israeli Druze families who have members in Israeli prisons.  For this, the boy is alleged to have received an $800 payment.  Within Israel itself, there is no doubt that there are many settlers who would consider it an honor to support convicted murderer heroes like Yigal Amir or Asher Weissgan with such funds.  In fact, the Israeli group, Honenu does precisely this.  Only when you’re a Golani Druze does such financial aid become an act of treason.

The indictment further accuses Sha’ar of receiving an e-mail message from the Syrian suggesting that he kidnap an Israeli soldier.  What did the boy do?  He refused.  And again, for this he stands to lose a major chunk of his life rotting in an Israeli prison system, in which he will become undoubtedly an even more embittered opponent of Israel than he is now.

The problem with Israeli coverage of such security stories is that it acts as a mere cipher for the security services.  Reporters dutifully report what the Shabak tells them.  While they may once in a while use terms like “alleged” or “reported” or concede the story is reported to them by the government, the clear preponderance of credibility is given TO the security apparatus.  Hardly any given to the accused.  You will struggle to find any quote from a source close to the victim.  Not a family member, not a lawyer, not even a Palestinian human rights NGO.  And if they do quote a lawyer he has not even been informed of the charges by the government so he can’t speak credibly on behalf of his client.

It’s all a sad charade of due judicial process.  Even worse, it’s a charade of professional journalism.  In most western media, an editor would not let such a story run without some semblance of balance including a statement from someone representing the victim.  Only in Israel or perhaps nations like Russia, North Korea, Iran or Saudi Arabia, does journalism similarly cozy up to government power.

Only a few hours after the authorities unveiled this indictment, the Shabak trotted out a new set of Arab “traitors.” (Hebrew)  The charges against these are perhaps even more ludicrous than those of our previous victims.  Two Israeli Palestinians, residents of Shifar’am and Umm al-Fahm, stand accused of being unable to locate a weapons cache that was prepared for them near a traffic intersection.  The Ynet report doesn’t even use the term “allege” in connection with this claim.  It says: “the investigation established that…”  It states that this is what happened with no qualifier.  They were supposedly to use these weapons for a terror attack inside Israel.  After being arrested they couldn’t even lead the investigators to the buried cache.  As an aside, do you even believe that a U.S. police force would be willing to appear so foolish as to arrest criminals for possessing such a weapons haul when neither the police nor the bad guys can find it??  What do you accuse them of?  Where is the evidence?  Only in Israel can such charges be made to stick in such circumstances.

The accused are also said to have been asked to recruit others to join Hamas and undergo training abroad.  Where?  Well, what nation does Israel need to smear these days?  Turkey, of course.  And did the victims agree to do this?  Even the charge sheet against them concedes that they refused.  Since when do you arrest someone for refusing to commit a crime?  Only in the Land of Oz and Israel.

Maariv claims these guys received $120,000 (Yediot bafflingly claims $200,000) in return for their services ten years ago.  That’s right, some or all of this happened an eternity ago.  And yet it’s being dredged up here by the Shin Bet for the first time.  Talk about old news!

To be clear, it is entirely possible that there are Israeli Palestinians who might engage in a real crime of espionage.  I am not claiming there are no such citizens who might endanger Israel’s security.  I AM claiming that these victims are not them.  Further, Israel’s security services are a joke perpetrated on the most powerless, most discriminated against.

Why?  It’s no secret that political tension is at a boiling point both within Israel and the Middle East concerning the peace talks and the so-called “Iranian threat.”  What better way to unite Israel’s population behind its government, military and secret police than stirring up fear of the Syrian menace?  Any general or Shin Bet chief wishing to derail any chance of Syrian-Israeli peace talks need only gin up a little of this sort of mischief to make the public wary.

The only thing missing in these stories is an Iranian bogeyman.  Couldn’t the Shin Bet have dredged up a suitable Iranian mullah offering wads of cash to Israeli Palestinians in return for spilling the secrets of Dimona?  Don’t worry, that may come if things get bad enough.

Israeli Attack on Syrian Reactor, Template for Iran Attack?

Monday, September 27th, 2010

When the Times’ John Markoff wrote about the Stuxnet worm and the impact that it was having on Iran, he sent me on a chase after an interesting article, The Hunt for the Kill-Switch, that described the method by which Israel may’ve “wormed” its way into Syria’s radar defense system, which allowed its aircraft to penetrate undetected and destroy the alleged reactor site.

This article in turn sent me to an even more interesting article, Israel Shows Electronic Prowess, a puff-piece for Israel’s electronic warfare industry, which described U.S. collaboration in the Israeli attack.  Further, it quotes John Bolton, not a reliable source by any means but one worth paying attention to because like a clock he’s right twice a day (if that), as saying that the Syria attack might serve as a template for an attack on Iran.  With the reports about Stuxnet and the damage it’s allegedly done to Iran’s nuclear reactors, this is an even more important subject than it was a week ago before much of the world knew about the worm.


Did Israeli 'kill-switch' disable Syrian air defenses in 2007 attack and could the same happen in the event of an Iran attack?

The first article posits that Israel’s intelligence apparatus may’ve inserted an electronic “kill-switch” into a chip contained within the electronics of Syria’s radar defense system.  The altered chip, which could’ve been added either through a component supplied by an Israeli supplier or through a component to which Israeli intelligence had access, could’ve been activated as Israeli jets streaked toward Syria, thus turning off the radars so that they would have failed to detect the intrusion of Israeli jets into Syrian airspace:

Last September, Israeli jets bombed a suspected nuclear installation in northeastern Syria. Among the many mysteries still surrounding that strike was the failure of a Syrian radar–supposedly state-of-the-art–to warn the Syrian military of the incoming assault. It wasn’t long before military and technology bloggers concluded that this was an incident of electronic warfare–and not just any kind.

Post after post speculated that the commercial off-the-shelf microprocessors in the Syrian radar might have been purposely fabricated with a hidden “backdoor” inside. By sending a preprogrammed code to those chips, an unknown antagonist had disrupted the chips’ function and temporarily blocked the radar.

The writer further describes precisely how the errant chip might find its way into a computer system and it’s derring-do worthy of a Hollywood spy thriller:

To create a controlled kill switch, you’d need to add extra logic to a microprocessor, which you could do either during manufacturing or during the chip’s design phase. A saboteur could substitute one of the masks used to imprint the pattern of wires and transistors onto the semiconductor wafer, Adler suggests, so that the pattern for just one microchip is different from the rest. “You’re printing pictures from a negative,” he says. “If you change the mask, you can add extra transistors.”

Or the extra circuits could be added to the design itself. Chip circuitry these days tends to be created in software modules, which can come from anywhere, notes Dean Collins, deputy director of DARPA’s Microsystems Technology Office and program manager for the Trust in IC initiative. Programmers “browse many sources on the Internet for a component,” he says. “They’ll find a good one made by somebody in Romania, and they’ll put that in their design.” Up to two dozen different software tools may be used to design the chip, and the origin of that software is not always clear, he adds. “That creates two dozen entry points for malicious code.”

The Aviation Week article is a more straightforward portrayal of the Israeli attack on the Syrian reactor, also serving as a bit of puffery for the entire Israeli electronic warfare industry.  It begins with the rather startling claim that U.S. military intelligence cooperated with the Israelis:

The U.S. was monitoring the electronic emissions coming from Syria during Israel’s September attack; and—although there was no direct American help in destroying a nuclear reactor—there was some advice provided beforehand, military and aerospace industry officials tell Aviation Week & Space Technology.

…There was “no U.S. active engagement other than consulting on potential target vulnerabilities,” says a U.S. electronic warfare specialist.

Which is “military speak” for: “We didn’t send our jets or pilots but we did just about everything else we could to help.”

It describes the attack on Syria’s air defense system in quite comprehensive fashion:

The main attack was preceded by an engagement with a single Syrian radar site at Tall al-Abuad near the Turkish border. It was assaulted with what appears to be a combination of electronic attack and precision bombs to enable the Israeli force to enter and exit Syrian airspace. Almost immediately, the entire Syrian radar system went off the air for a period of time that included the raid, say U.S. intelligence analysts.

…U.S. analysts contend that network penetration involved both remote air-to-ground electronic attack and penetration through computer-to-computer links.

…So far, the most sophisticated example of nonkinetic warfare is the penetration of Syrian air defenses by Israeli aircraft on Sept. 6 to bomb a site—analyzed as a nascent nuclear facility—without being engaged or even detected.

…That ability of nonstealthy Israeli aircraft to penetrate without interference rests in part on technology, carried on board modified aircraft, that allowed specialists to hack into Syria’s networked air defense system, said U.S. military and industry officials in the attack’s aftermath. Network raiders can conduct their invasion from an aircraft into a network and then jump from network to network until they are into the target’s communications loop.

To a certain extent, I think we can discount some of this flattering picture as the product of a promotional article in an international aviation trade journal.  But nevertheless, it has to give the Iranians pause in light of the possible damage that may’ve been caused to Iran through Stuxnet.  Not to mention the rather lax cyber-security there which allowed such an infection to penetrate in the first place.  One has to wonder whether Iran’s air defenses could be as easily sabotaged as Syria’s were in 2007.

That this article is a bit of puffery is confirmed by the following passage:

…Secrecy is causing Israel problems. Compartmentalization means that those who know about the new capabilities aren’t allowed to tout their usefulness. Yet at least low-key publicity is needed to ensure government funding for additional development and acceptance of their operational use.

“Now I have to find a way to explain these capabilities to other people so that they understand,” Buchris says.

I think the flacks who wrote this article just did that for you.

This article, written all the way back in 2007, provides an early glimpse of the neocon anti-Iran meme claiming that Iran financed the Syrian reactor, a claim by the way which Israelis in this article deny:

Israeli officials reject any suggestion that the Syrian and Iranian nuclear programs were or are linked in any way.

“I don’t think Iran knew anything about what Syria was doing,” says a long-serving member of the Israeli parliament with insight into military affairs. “I don’t think they would have told the Iranians. They didn’t need Iranian assistance because they had help from the North Koreans.”

However, John Bolton, former U.S. ambassador to the United Nations, disagrees. “I’d be very surprised if the Syrians were to engage at least without Iranian acquiescence,” he says. And, “it may be beyond that,” he tells Aviation Week. Since Syria alone lacks both the funding and expertise for a nuclear weapons program, it would logically turn to Pyongyang for technology and oil-rich Tehran for funding, he says.

Notice how Bolton inserts his own opinion and converts it into a ‘logical’ certainty, which has then been picked up by anti-Iran hawks.

But here’s the money quote as far as relevance to Iran:

Bolton says the use of network attack is a clever move by the Israelis. He contends that it will serve as a deterrent for Iran. Or, at the very least, it sends a message that even the advanced, Russian-built air defense systems won’t protect Iran’s nuclear activities.

“I think it is very telling, obviously, in its potential impact on Iran since they’ve been supplied by the Russians with air defense equipment as well,” Bolton says.

If what’s been written about Stuxnet is accurate, then Israel, or whoever created the worm, seems to have done an excellent job of infiltrating Russian computer systems in order to plant the infection with the Russian contractor building Bushehr.  One wonders whether Israel could have devised ways of penetrating these Russian-built air defense systems as well.

Of course, an attack on Iran will be far different from one on a single unfinished Syrian nuclear reactor.  Iran has hardened sites which might withstand Israeli attack even if its air defenses are knocked out.  Further, Iran has capabilities of carrying the attack back against the Israelis which Syria does not have, or at least wasn’t willing to exercise.  This will not be a cakewalk if it happens.

In a sidebar, one of Aviation Week’s Israeli government informants reveals a typically racist attitude toward that country’s Palestinian citizens.  He notes the vulnerabilities of Israel’s own telecommunication systems which were penetrated during the 2006 Lebanon war by Hezbollah, possibly with Syrian aid:

…The government official says. “There’s also the issue that in the north of Israel you have very large Arab communities. Most wouldn’t be involved, but you’re talking about a half-million people up on the border. That means there are people with the ability to watch and pass on information.”

Ah yes, the old calumny about Israel’s Palestinian citizens being a Fifth Column supporting Hezbollah.  When this jackass should know that the only Israeli governmental body ever to attempt to assert this claim, the Shabak, can’t even make it stick when the secret police accuses Israeli Palestinian leaders of espionage (cf. Makhoul, Said, etc.).  If it reminds you of the 1950s Red Scare here in the U.S. it should.  The motives of instilling fear, driving a wedge between (in Israel’s case) Jews and Arabs, and seeking scapegoats are alive and well in 2010 Israel.

Stuxnet: Paying the Piper

Monday, September 27th, 2010

The creators of Stuxnet seem to believe that they will not suffer any consequences for their deviltry.  It is almost impossible to trace the worm to its original source.  So the victims can’t even know for sure who their enemy is.  Besides, if the culprit is Israel it has a formidable defense in place to protect its own military and nuclear facilities (a lesson apparently not learned by the Iranians) and so presumably it would be extremely difficult to inflict similar damage.

Iranian sources have confirmed what the world already knew, that the malware has targeted nuclear plants (probably Bushehr or even more likely Natanz).  In fact, a knowledgeable Iranian source admits that Stuxnet is still percolating and even “mutating” through Iranian computer systems.  Good news for non-Iranians infected with it is that it seems to be able to distinguish its target computers from others and behaves benignly in non-Iranian systems.  One Iranian source claimed preposterously that Stuxnet has not caused any serious damage inside Iran.  Given the sabotage caused to Natanz’s centrifuge system in the past year and the extraordinary delays in the construction of the Bushehr reactor, that claim is simply not credible.  It should be viewed as an attempt to conceal the effect of the worm as it would be in the interest of Iran’s nuclear industry to do.

A Reuters report speculates on how Iran might take revenge on those who devised Stuxnet.  It notes that Israel’s vulnerabilities may lie rather through Iran’s allies in Lebanon than in a direct assault on Dimona or similar facilities:

In the short term, intelligence experts believe Tehran’s priority will be trying to identify the source of the attack and examining how the worm was uploaded onto its systems. “The Iranian internal security and counterintelligence departments will need to nail down the culprits first, then work out how to turn the tables,” said Fred Burton, a former U.S. counterintelligence expert who is now vice president of political risk consultancy Stratfor.

Some analysts suggest Iran might like to retaliate with a cyber attack against Israel or the West — although there are question marks over its capability to do so. “I don’t think we can expect much in the way of retaliatory cyber attacks,” said regional analyst Jessica Ashooh. “The Iranians simply don’t have the technical capacity to do anything similar to properly protected systems — as evidenced by the very hard time they are having controlling and quarantining this attack.”

Nevertheless, experts say Iran has made improving its cyber espionage capability a priority — and will probably aim to grow these resources further in the years to come.

The risk, some worry, is that Iran might be tempted to either intensify its own nuclear program or target the West’s own nuclear installations in return.

“How prepared are we all for this and could this set in motion a deadly game that catalyses a nuclear programme no one intended to engage in?” said Mark Fitt, managing director of N49 Intelligence, a firm that advises businesses in the Middle East.

In terms of a more conventional response, Iran could potentially act through proxies such as Hezbollah in Lebanon and Hamas in Gaza, as well as insurgents in Iraq and Afghanistan.

…Analysts say the Stuxnet attack is an early insight into the form state conflict may take in the 21st century.

“It’s by no means a one-off — I think we’ll see much more of this,” said Ian Bremmer, president of political risk consultancy Eurasia Group.

One thing that anyone who’s an honest observer of the Israeli-Arab conflict over the years has learned is that what goes around comes around.  Israel tends to behave as if it is omnipotent and pays no attention to blowback as if there couldn’t possibly be any.  But there inevitably is.  After all, what is the entire history of the Israeli-Palestinian conflict but one long list of grievances unaddressed.  It is the personification of justice delayed and denied.  There will be consequences from Stuxnet.  They may not happen this week or next.  But as sure as I’m typing this, there will be.  And when Israel is called to pay the piper you will hear howls of anger and victimhood from Israel at how it is made to suffer by its enemies while it remains blameless.  This is the strange Israeli calculus of victimhood.

Moving to a different subject, at an Israeli internet forum frequented by military and intelligence specialists, one knowledgeable member noted that Israel has the capacity to introduce a great deal of mayhem into the world’s computer and security systems through its military industrial company, Rafael.  This company is one of the world’s major suppliers of military-industrial technology to western (and even Arab) nations.  It is plausible that it would have designed “back-doors” into such systems which could be exploited at a propitious moment.  And further, it does maintenance and repairs on a great deal of such equipment and has the ability to tinker with it then as well.

Rafael even demanded before its products were shipped that any markings identifying its components as Israeli be erased so as not to arouse undue suspicion in the recipients of its products.

Rafael products and components are even now believed to be used in Arab countries though likely without the knowledge of those countries.

N.Y. Times: IDF Unit 8200 Cyberattack Disabled Syrian Anti-Aircraft Defense

Monday, September 27th, 2010

The N.Y. Times published a report about the Stuxnet virus which takes an interesting and slightly contrarian view of the power and lethality of the virus.  But the most interesting part of the article was a list of other previous cyberattacks that were initiated by governments.  Among them, John Markoff notes that Israel’s attack on the alleged Syrian nuclear reactor involved disabling that nation’s radar/anti-aircraft defenses.  According to the reporter, the IDF’s Unit 8200 devised an ingenious method of shutting the radar off:

Accounts of the event initially indicated that sophisticated jamming technology had been used to blind the radar so Israeli aircraft went unnoticed. Last December, however, a report in an American technical publication, IEEE Spectrum, cited a European industry source as raising the possibility that the Israelis had used a built-in kill switch to shut down the radar.

A former member of the United States intelligence community said that the attack had been the work of Israel’s equivalent of America’s National Security Agency, known as Unit 8200.

If I understood Markoff, what would’ve happened is that Israel would’ve infected the computer system operating the Syrian radar with a worm and that worm would’ve turned off the system.  We can surely expect the same tactics if/when Israel attacks Iran.  One wonders how or whether the Iranians have prepared themselves to face this.

Inside Israel, Unit 8200 is famous for its know-how and derring-do.  But almost nothing is known or spoken about its operations.  This is a very closely held military secret.  Which is why Markoff’s report is so interesting.

Moving to a different issue raised by Markoff, he notes an aspect of the Stuxnet infection which others have not addressed: that the worm was designed rather haphazardly in terms of its target.  You might expect an intelligence agency attempting to sabotage a nation’s industrial system to be more particular about directing the infection only to affect computers within that country.  The high level of infection outside Iran indicates the perpetrators of Stuxnet didn’t much care where it went as long as it got to Iran.  To me, this indicates a rather high level of moral negligence at the toll it would take outside that country.  Further, it indicates a sense of hubris that whatever effect it might have on the world such damage could not be inflicted on the computer system of the country which devised it.

Though I’m not a cyber security expert it would seem that Iran’s nuclear program had rather haphazard security standards if an infected USB stick could be the cause of the original infection there.  Though many of us have been warning about the fight Israel would have on its hands if it attacked Iran, it makes one wonder whether the high tech aspects of Iran’s defenses might be less than imagined, especially if they share any of the vulnerabilities of the Syrian system.  This certainly should be giving Iran’s generals pause as they prepare for precisely such an onslaught.
