The IDF prepares for cyber-battles
Computing unit's outgoing commander says that in wars to come, enemies will prioritize harming computer systems over tanks.
A year ago Operation Protective Edge was declared the first IT war in the IDF's history, during which the chief of staff could watch the pursuit after the abductors of Hadar Goldin on Black Friday in Rafah live, and even get in touch directly with the Givati Brigade commander Ofer Vinter; a war in which nearly every battalion and company commander could see the location of terrorist cells in ambush positions in Shuja'iyya from Aman (military intelligence), all on small mobile devices in real time.
It was a war in which the Air Force, infantry, engineers, tanks and the artillery were concentrated on a single screen. Like in a video game, everyone could see and speak to everyone, with a single touch.
"During Operation Protective Edge we dealt with dozens of cyber events, but there was no breach," recounts Col. H., who commanded an elite unit during Operation Defensive Shield in 2002 and is now completing his term as commander of the IDF's computer unit Mamram (Center of Computing and Information Systems). "We estimate that a Lebanese hacker acting independently does not pose a significant threat to us. If we’re worried, it's about a body or organization, not necessarily state-sponsored."
In his next stint, as commander of the defensive cyber unit, he expects to deal with a deadly threat: at least 100,000 Hezbollah rockets, or Hamas’s tunnels. "We are a cyber superpower, and in order to confront us, the enemy has to be the size of a state," he points out. "In the next war it will be much more important and significant for the enemy to bring down an operational computerized system than to destroy an armored brigade."
Dependent on computers - for better or worse
The IDF operates on internal networks, physically detached from the external Internet, which are protected 24/7 by thickened virtual walls, with cyber-guard soldiers maintaining and monitoring the system during routine or emergency.
Still, a successful breach by the enemy, like Iran or its proxy Hezbollah, can result in damage to any operation relying on the computers, and today there is almost no combat system that doesn't – from the operating systems of fighter planes, to Iron Dome missiles, to the sirens of the Home Front Command. A takeover of these computers, even one that lasts only a minute, could allow reversing their operating commands, which would bring about disaster and chaos the likes of which the IDF has never seen.
Even so, the military's confidence in its Computer Service Directorate has only risen since Operation Protective Edge.
"If in the past, field commanders struggled to acclimate to computerized combat systems, today they don’t want to go back to maps and board briefings," said Col. H., "This requires us to provide the army with full, continuous IT control, since during Operation Protective Edge a failure of data transfer delayed IAF air strikes in Gaza by 15 minutes.
“The IT control system of the General Staff, for example, was only rendered unavailable for 30 minutes during the past six month," added the colonel. "It sits on two different sites for backup, so that if there is a crash, users won’t notice. The Chief of Staff, in the midst of a war, could demand to be shown any point in the Gaza Strip from which rockets were fired at Israel in the last couple of hours. This reduces operational processes, saves munitions, and allows us to hit thousands of targets in a day during the next war in Lebanon."
But, as is the case with real battlefields, risks grow along with the IDF’s dependence on computers and the people who run them. The military has tens of thousands of servers operating underground today, with about 1,000 added every year. Meanwhile, a virtualization process is ongoing, with the intent of conserving electricity by compressing more applications into each server.
“We’ve become the largest broadcaster in Israel,” admits Col. H.“We know how to take any photo from IDF sources and deliver it to the necessary parties. Hot and Yes (Israel’s largest cable TV and satellite TV operators, respectively) have dozens of broadcast channels; we have hundreds.”
Mamram’s main method of enabling the IDF’s continuous IT activities, and preventing risks that result from reliance on computers, is to anticipate errors instead of waiting for them to happen. “In the past, an officer would call us and say he had a problem with his computer,” explains Col. H. “Today, we have technology that can identify and take care of bugs in all IDF computers.”
"We’ve developed the ability to perform open heart surgery on our system, to take care of it while the ‘body’ goes on as usual," the colonel continued. "We did this in the middle of peak combat operations during Protective Edge, even implementing new technologies during war, and the fighting forces didn’t notice. That’s like replacing a tire on a car that’s driving 100 KPH without a single scratch, but it requires working 24/7 during emergency situations. Last year, they came to understand how integral they are to the IDF’s operations.”
