by Elad Popovich
April 1, 2016
The ‘Palestinian Idol’ that Hacked Into Israel’s Drones
Elad Popovich
Technology can be a double edged sword. Israel’s Defense Forces’ (IDF) 2015 strategy concluded that the IDF’s relative advantages are based on “the soldier’s quality, advanced technology, and intelligence.” It seems however that the second biggest Palestinian terrorist organization – the Palestinian Islamic Jihad (PIJ) thinks exactly the same.
At the end of February 2016, a 23 year old Palestinian, Majed Awida, was arrested by the Israeli Security Agency (Shin Bet) and the Israeli National Police on his way to cast participants for the singing competition series ‘Palestinian Idol’. Majed a computer and electronic engineer from Gaza was, in his free time, the chair of the Palestinian Talents Club. Ah, but Majed was also a hacker working in the service of the PIJ since 2011.
At first Majed worked as a soundman and radio jockey in the PIJ’s youth association radio. In 2012, Majed was asked by the PIJ to develop software that would enable them to hack into the IDF’s drone’s communications over the Gaza Strip. After two failed attempts, Majed’s software successfully hacked into an IDF drone and he was able to watch its high definition camera broadcasts.
Majed was also asked to track Israel’s highways and streets. To do so, he hacked into Israel’s National Police live-broadcast traffic cameras grid. Software developed by Majed allowed the PIJ to track air traffic at Israel’s International Airport (TLV), passenger lists, airplane types and weight, and updated landing and takeoff information. Parallel to the activities against Israel, Majed also hacked into Hamas’ Interior Ministry in the Gaza Strip (the PIJ is a political and ideological rival to Hamas).
To hack into IDF drones, Majed used a frequency scanner, a satellite dish equipped with a low-noise block down-converter (LNB) tuned to the Israeli commercial communication satellite Amos and a laptop that were smuggled into Gaza through tunnels under the Rafah-Egyptian border. The hacking into the police grid was achieved from the police official website by using website hacking software that was downloaded from the internet.
On March 23, 2016, Majed appeared before an Israeli District Court on charges of espionage, contact with a foreign agent with intent to harm national security, conspiring to submit information to the enemy, illegal computer hacking, and membership in an illegal gathering.
In essence Majed’s doings were not sophisticated hacking and their results did not damage Israel’s national security in any extensive way. Firstly, hacking into the police camera grid would enable the PIJ to know were a rocket fired from the Gaza Strip landed. However those rockets are statistic trajectories and when dozens of them are launched at the same time the relative advantage of knowing where they hit is not that important. On the other hand, the cameras could give the PIJ knowledge of updated intelligence gathering and the whereabouts of security forces throughout Israel – an information leak that cannot be taken lightly when in the hands of a hostile force.
Secondly, drones are hackable. It’s not the first time and not the last time that Israel’s adversaries obtained access to drone communications. Perhaps the most publically known event, September 1997, was when Hezbollah managed to receive video feed from an IDF drone broadcast on an unencrypted channel. In 2010, Hezbollah’s Secretary General Hassan Nasrallah asserted that his organization did catch the broadcast and as a result were able to ambush an Israeli Navy commando unit. The ambush resulted in the death of 11 IDF Navy commandos.
Majed’s hacking probably uncovered a potential exploitation in the communications link between satellite and drones, doing Israel a great service for a negligible amount of intelligence data.
Finally, most of the data regarding Israel’s International Airport can be gathered with minimal exploitation of open-source intelligence gathering. However, the potential economic consequences for the State of Israel could be dramatic. Due to the vulnerability of the Airport, Israel’s Federal Aviation Authority safety ranking, which since 2012 stood at Level 1, the highest ranking, could be revoked. Israel Airports Authority could be also asked to raise their risk premium, as well as be required to spend more money on cyber-security, etc.
In the era of cyber-threats, small waves such as this can create a tsunami.
Elad Popovich is a Research Fellow at the Arnold A. Saltzman Institute of War and Peace Studies at Columbia University’s School for International and Public Affairs and an Israel Institute’s Postdoctoral Fellow.
April 1, 2016
The ‘Palestinian Idol’ that Hacked Into Israel’s Drones
Elad Popovich
Technology can be a double edged sword. Israel’s Defense Forces’ (IDF) 2015 strategy concluded that the IDF’s relative advantages are based on “the soldier’s quality, advanced technology, and intelligence.” It seems however that the second biggest Palestinian terrorist organization – the Palestinian Islamic Jihad (PIJ) thinks exactly the same.
At the end of February 2016, a 23 year old Palestinian, Majed Awida, was arrested by the Israeli Security Agency (Shin Bet) and the Israeli National Police on his way to cast participants for the singing competition series ‘Palestinian Idol’. Majed a computer and electronic engineer from Gaza was, in his free time, the chair of the Palestinian Talents Club. Ah, but Majed was also a hacker working in the service of the PIJ since 2011.
At first Majed worked as a soundman and radio jockey in the PIJ’s youth association radio. In 2012, Majed was asked by the PIJ to develop software that would enable them to hack into the IDF’s drone’s communications over the Gaza Strip. After two failed attempts, Majed’s software successfully hacked into an IDF drone and he was able to watch its high definition camera broadcasts.
Majed was also asked to track Israel’s highways and streets. To do so, he hacked into Israel’s National Police live-broadcast traffic cameras grid. Software developed by Majed allowed the PIJ to track air traffic at Israel’s International Airport (TLV), passenger lists, airplane types and weight, and updated landing and takeoff information. Parallel to the activities against Israel, Majed also hacked into Hamas’ Interior Ministry in the Gaza Strip (the PIJ is a political and ideological rival to Hamas).
To hack into IDF drones, Majed used a frequency scanner, a satellite dish equipped with a low-noise block down-converter (LNB) tuned to the Israeli commercial communication satellite Amos and a laptop that were smuggled into Gaza through tunnels under the Rafah-Egyptian border. The hacking into the police grid was achieved from the police official website by using website hacking software that was downloaded from the internet.
On March 23, 2016, Majed appeared before an Israeli District Court on charges of espionage, contact with a foreign agent with intent to harm national security, conspiring to submit information to the enemy, illegal computer hacking, and membership in an illegal gathering.
In essence Majed’s doings were not sophisticated hacking and their results did not damage Israel’s national security in any extensive way. Firstly, hacking into the police camera grid would enable the PIJ to know were a rocket fired from the Gaza Strip landed. However those rockets are statistic trajectories and when dozens of them are launched at the same time the relative advantage of knowing where they hit is not that important. On the other hand, the cameras could give the PIJ knowledge of updated intelligence gathering and the whereabouts of security forces throughout Israel – an information leak that cannot be taken lightly when in the hands of a hostile force.
Secondly, drones are hackable. It’s not the first time and not the last time that Israel’s adversaries obtained access to drone communications. Perhaps the most publically known event, September 1997, was when Hezbollah managed to receive video feed from an IDF drone broadcast on an unencrypted channel. In 2010, Hezbollah’s Secretary General Hassan Nasrallah asserted that his organization did catch the broadcast and as a result were able to ambush an Israeli Navy commando unit. The ambush resulted in the death of 11 IDF Navy commandos.
Majed’s hacking probably uncovered a potential exploitation in the communications link between satellite and drones, doing Israel a great service for a negligible amount of intelligence data.
Finally, most of the data regarding Israel’s International Airport can be gathered with minimal exploitation of open-source intelligence gathering. However, the potential economic consequences for the State of Israel could be dramatic. Due to the vulnerability of the Airport, Israel’s Federal Aviation Authority safety ranking, which since 2012 stood at Level 1, the highest ranking, could be revoked. Israel Airports Authority could be also asked to raise their risk premium, as well as be required to spend more money on cyber-security, etc.
In the era of cyber-threats, small waves such as this can create a tsunami.
Elad Popovich is a Research Fellow at the Arnold A. Saltzman Institute of War and Peace Studies at Columbia University’s School for International and Public Affairs and an Israel Institute’s Postdoctoral Fellow.
No comments:
Post a Comment