Photo: Haim Orenstein
IDF drone.
Ron Ben-Yishai

IDF's cyber defense easily breached

Analysis: The indictment of Majd Ouida reveals how an amateur hacker could severely interfere with military operations, provide poorly encrypted data to the enemy, and endanger Israeli lives.

The indictment filed on Wednesday against Islamic Jihad operative Majd Ouida presents a very worrying picture. It shows how one person, equipped with extremely meager technological means, can collect with relative ease intelligence on all aspects of the IDF’s drone activity over the Gaza Strip, as well as extract extremely sensitive information from Israel's transportation infrastructure, government ministries and from the Palestinian Authority.



Ouida may have a degree in electrical engineering and computers, but the incredible ease with which he used spying software freely available online should be cause for alarm.


This is cyber espionage, through which the Islamic Jihad could have sabotaged the IDF's intelligence-gathering activities, as well as the military's offensive operations in the Gaza Strip. At the same time, the defendant gathered intelligence that could have allowed the Islamic Jihad to accurately aim the rockets at its disposal, leading to mass casualties on the Israeli side.


The Palestinian Islamic Jihad is the second largest terror organization in the Gaza Strip and serves as Iran's main proxy in the Palestinian enclave. The organization had, and still has, at its disposal long-range Fajr-5 rockets and other similar projectiles.


However—and this is the good news—the Islamic Jihad in Gaza doesn't have the skill and operational knowledge to take advantage of the intelligence Ouida gathered in a way that could seriously affect IDF operations or endanger Israelis under the threat of its rockets. And still, the intelligence Ouida gathered probably helped protect some of Islamic Jihad's militants and their arsenal of rockets from the IDF's bombs.



IDF drone (Photo: Haim Orenstein)


It's important to note that Ouida was not able to crack the IDF’s communications with all of its drones over the Strip. He was able to crack the frequency system of two kinds of drones: one believed to be a small tactical drone that likely did not provide him with highly valuable information, and the other likely another small aircraft. The latter did give the Islamic Jihad information on what and who the IDF was interested in, and where.


So while the Islamic Jihad was unable to use most of the intelligence it got, and the damage caused is not of the most serious nature, the very fact that Ouida was able to penetrate one of the IDF's intelligence-gathering and offensive measures is a serious breach, perhaps even a very serious one, in the IDF's information security.


No damage during Protective Edge

According to the indictment, starting in 2014, Ouida was no longer able to crack the IDF drones' communications, which means he could not have caused damage during Operation Protective Edge. However, he was able to gain access in 2011–2014, during which time Operation Pillar of Defense took place. It appears that in that operation at least, the Islamic Jihad knew things the IDF did not want it to know.


Majd Ouida was probably a very productive operative, but his handlers didn't particularly appreciate him. He offered his services and proved time and again that he could use widely available internet programs and equipment bought off the free market in the US, also via the internet, to do things that can usually only be done by a state or a military.


The information he provided, for instance, about Israel's traffic cameras system, and the integration he did with the information he got in real time from the Israel Police's different traffic cameras, would have allowed the Palestinian Jihad, if it had wanted to, to target the State of Israel at rush hour. Ouida could have also done serious harm to commercial planes flying out of Ben Gurion Airport or Sde Dov, as he had information not only of the departure and landing times of planes, but also each flight's manifests.


Palestinian Islamic Jihad members in Gaza (Photo: Reuters)


And Ouida didn't stop there, either. He provided his handlers in the Islamic Jihad with the civil register from the Palestinian Authority's Interior Ministry, both in the West Bank and in Gaza. The Islamic Jihad specifically requested that information, and used these lists to locate potential operatives and recruit them to its ranks.


So it's no wonder that eventually the leaders of the Islamic Jihad in Gaza realized that this guy and his abilities were a strategic asset and decided to send him to continue his education in Iran. The Iranians agreed to take him in and train him in cyber operations, but because of the deterioration of ties between Hamas and Tehran, Ouida was unable to leave the Gaza Strip.


The good news

The good news is that, at least from 2014, the IDF has greatly improved the encryption of its communications with its drones, which is why Ouida was no longer able to crack their frequencies. We can only hope that the stricter security measures put on the encryption will be enough to stop not just Ouida—who was merely a one-man cyber spy organization, doing this as a hobby—but also protect the IDF's communications in the air, land and sea against cyber espionage from Iran and other countries who are very interested in Israel’s activities in various fields.


Another piece of good news is the fact that Ouida and his activities within the Gaza Strip were exposed, as the compartmentalization around him inside the Islamic Jihad was very strict, and few knew of his activities.


An even bigger success is how he mysteriously ended up out of the Strip and in the hands of the Shin Bet and Israel Police, who were apparently able to get the full story out of him. The story itself is an asset as well, as it allows the State of Israel to once again realize that its critical computer infrastructure is exposed to all and can be breached with methods used by any common hacker.


What is concerning, however, is that Ouida did not operate a decade ago, but in 2011–2014. At that point, Prime Minister Benjamin Netanyahu had already declared Israel to be a world power in the field of cyber technologies, and particularly in cyber defense, while at the same time establishing a national cyber defense system. And yet Majd Ouida, an electricity and computer engineer who studied in the Gaza Strip, could breach our cyber defense quite successfully.


First published: 03.23.16, 23:18