Cyberwar (2016) s01e12 Episode Script

Israel Cyber Nation

1 BEN: A small country with many enemies.
We are really, really threatened by other countries, and we need to find innovative ways how to defend ourselves.
Israel builds its cyber arsenal.
We intend to be one of the five leading cyber powers in the world.
But how are they using their power? We need to decrypt the Iranian code because they are threatening us with nuclear weapons.
What's the cost of that strength? Israelis did not only occupy the land, they occupied the sky also and the air around us.
Spring of 2015.
A cyber security company discovers a piece of spyware targeting three hotels in Switzerland and Austria.
All three of those hotels were hosting high level negotiations on the future of Iran's nuclear program.
The malware, called Duqu 2.
0, was really versatile.
It could do anything from tapping phone lines to operating two-way mics in hotel elevators, computers, and alarm systems.
Duqu could theoretically spy on the Iranians, but also on the Americans and their negotiating partners.
There are enemies to these talks, and they will do whatever they can.
It's almost impossible to conclusively identify who created Duqu, but fingers immediately started pointing at Israel, a country with both the motive and the means.
I flew to Washington to meet Adam Entous, the Wall Street Journal reporter who first broke the Duqu story.
You broke some stories that the Israelis were not only spying on the US during these negotiations, but they were also feeding information to Congress.
How'd you verify that? So what happened was is that we were monitoring Israeli communications very closely.
The US was sharing some details with the Israelis about the ongoing negotiations, but we weren't telling them everything.
But we started seeing in references to details from the negotiations that the White House knew they were not providing to the Israelis.
Bottom line is is that the experts that analyzed it and current and former US officials who also have taken a look believe that Duqu 2.
0 is an espionage tool that's used by Israel for it's biggest spying operations.
Given the fact that the US spends so much money in support of Israel's military and its intelligence services, that Israel is so aggressive at spying against the United States does upset, you know, counter-intelligence officials in the United States because they feel like they should be focused on other things.
And the money the US government gives to Israel is substantial.
Since the creation of the state in 1948, the Americans have handed over more than $120 billion in aid, most of it in the form of military assistance.
But military aid alone doesn't explain Israel's emergence as a global cyber super power.
So how does a small country like Israel become such a big player in cyber warfare? And if the Israeli government is spying on the United States, its closest ally and its biggest financier, what does it say about the country's agenda? Ronen Bergman is an investigative journalist and a senior political and military analyst for one of Israel's largest circulation daily newspapers.
- Ben, hi.
- Nice to meet you.
Pleasure to meet you, welcome, welcome to Israel.
I met him at his home outside of Tel Aviv.
What do you make of something like Duqu 2.
0 that was malware that was targeting specific diplomatic discussions, and it seemed to benefit one country and its interests.
Do you think the Israelis did it? Look, I'm not dealing directly with Israeli intelligence on the USA, 'cause otherwise this gonna be my last interview, or our next meeting will be I would say with some sort of bars or or glass between us.
Ronen Bergman wouldn't give me a straight answer when it came to Duqu or spying on Americans.
But if the malware actually was Israeli, many people believe it came out of the military's signals intelligence branch, Unit 8200.
Military service is compulsory for most Israelis, and Unit 8200 gets its pick of potential recruits.
But why is it that the Israelis are so good at cyber security? Well, I think it started a long time ago.
If you are the military intelligence, from very early point they got the permission to select from the, you know, thousands and thousands of teens, and you offer them to play a very unique game.
A game that they can play only in Israel, only in military intelligence, they won't be able to play any other place in the world.
The game is this: you get at least three years of innovation summer camp, continuous innovation summer camp, to come up with a solution that would save the country.
The deployment of your solution could be very quick because we need to decrypt the Iranian code because they are threatening us with nuclear weapon, or the possibility of nuclear weapon.
We need to hack into the computer of that jihadist because he's planning the next suicide bombing.
That's a great responsibility.
And you get as young as 18 or 19 years old to deal with the most exciting stuff that anyone can deal with: espionage.
Is there ever a thought within Israeli society that all this innovation is coming from a game played by these kids that's actually pretty lethal and has real world implications? These innovations are coming out of wars.
This innovation saved the country.
I will say it again: the innovation of these young kids saved Israel.
I wanted to meet some of the kids destined for the cyber units of Israel's armed forces.
After turning 18, most Israelis are obliged to serve in the military for 2 to 3 years.
Many teenagers hope to join Unit 8200, the signals intelligence branch, and the largest single military unit in the Israeli Defense Forces.
But they don't actually get to choose where they're drafted.
In 2013, the Ministry of Defense helped create a national program for promising high school students aiming to be future cyber warriors.
There are 10 high schools offering this program across the country, and Amal Lady Davis High School is one of the them.
Toby Stupp has been teaching here for the past 10 years.
- Hello.
- Hi! - Nice to meet you.
- Welcome! Thank you.
Is this Hacking 101? Well, actually we're not really teaching them hacking, because we don't want to emphasize how to steal things or how to break into things.
That's not what we're into.
- So more defensive stuff? - It's more defensive.
Many of the students I spoke to were aiming to get into Unit 8200, or Talpiot, an elite program with the IDF's research and development arm.
And it's not just because they want to serve their country.
What they learn in the military can also set them up for a pretty baller career after their service is all done.
Yair Ben Shimol and Jonatan Wallenstein are students in the cyber program.
Why'd you do this class? To benefit us in the army.
So something like Unit 8200.
- Hmm? - Unit 8200.
Yes, 8200.
Is that something that people wanna do? I'm aiming more for like another program.
It's called Talpiot, which is pretty much the elite of the elite.
And if you get there, you're pretty much set up for your life.
Just go to a walk-in place and say, "I was Talpiot," throwing your money about it.
- Start making it rain.
- Yeah, making it rain.
- Everybody wants you.
- Girls, money - Girls, money, cars.
- Cars.
Sex, drugs, and rock and roll.
(Laughing) I don't know if hackers are get all that.
BEN: With fresh recruits every year and an annual turnover of 25%, Unit 8200, the Israeli Military's signals intelligence branch, is like a revolving door.
Many former soldiers come out of the unit and head straight for private cyber security companies.
Well, it's brand new.
I'm in Tel Aviv to meet with Nadav Zafrir.
He's a former commander of Unit 8200.
Today, he's the CEO of 8, a multi-million dollar private cyber security company in Tel Aviv.
We are a nation of entrepreneurs.
And so the high tech scene here has been booming for many years already.
We've also been able to create innovation, creativity, and talent creation through the military service, which used to be a burden on our economy but lately is almost becoming a part of the strength of our economy.
And you know, it's no secret you were in Unit 8200.
'Cause it's funny, we've been talking to a lot of these kids, and they're not wanting to be Israeli Rambo.
Like they want to be in Unit 8200, it's this thing.
Yeah, 'cause it's almost a mixture between going to an Ivy League university and doing your internship all at once, while you're serving your country.
They come with all their naivety, with all their faith in what they're doing, with all their motivation, and together they create something which is truly exceptional.
They may come in with naivety and faith, but they don't all leave that way.
In 2014, 43 reserve soldiers wrote an open letter to the Israeli prime minister criticizing some of Unit 8200's surveillance practices.
The covert SIGINT unit targets so-called enemies of the state outside the country.
But Palestinians in the occupied territories are also surveilled, even if they haven't been identified as a threat.
In their letter, the reservists said they refused to take part in actions against Palestinians if they were called back to active duty.
Israel's defense minister denounced them as criminals.
Gilad, who asked we not use his last name and not reveal his face, signed the letter and served in the top secret Unit 8200.
So were there any restrictions given to operators on who they could target and who they couldn't? Part of the letter talks about the fact that you would use some of this intelligence to turn Palestinians against each other.
So let's say if you're a homosexual and you're involved with Hamas, and you don't want that to come out Gilad regrets his role in the surveillance of Palestinian civilians.
But what's it like to be on the other side of that surveillance? BEN: The Israeli military is well-known around the world for its cyber surveillance capabilities.
Closer to home, Palestinians are all too aware of the country's power.
Residents of the occupied territories may use local telecommunications companies like Paltel for their phones and internet, but the system relies on Israeli infrastructure.
Israelis did not only occupy the land, they occupied the sky also and the air around us.
Safa Nasser Eldin is a former Minister of Telecommunications and IT in the Palestinian Authority, which governs the West Bank.
I met her at a hotel in Jerusalem.
How do you compare Palestinian Authority cyber security versus Israeli government? I don't think that we can compare it, because we are new to this field.
We created the government network in 2010, and we took it from Paltel.
So it was a network of a Paltel network where parts of it is leased from Israel.
So it was always like open to Israeli measures or any security.
So does every average Palestinian just accept that every email, text message, can or could be intercepted and read by Israeli intelligence? They don't accept, but they know that it happens.
We are occupied, we cannot do anything about it.
Since all communications systems in the West Bank route through Israel, it's hard for Palestinians to escape Israeli surveillance.
But some people are trying to change that.
I went to Ramallah to meet Hanna Kreitem and Samer Shawar.
They're cofounders of a Palestinian hacker space called Vecbox.
This is a bunker practically.
Yes, a kind of bunker.
Instead of a bunker it's a hackspace.
What we did, as part of a project is establishing an intersection point to allow exchange of information to stay local, without having to go through Israel and then through other operators.
So you think that all of the internet essentially in the West Bank and Ramallah is being clearly creeped on? Yes.
And why why is that? Why do you think that? We have the PA and Israel both who would like to to know what's going on.
And Israel uses the excuse of security.
So you also said that it's not just the Israelis spying on you, it's the PA.
We We have some concerns about that, and we think that they do, yes.
So it might not be just the Israelis who are monitoring Palestinians.
Many believe the Palestinian Authority also uses Israeli technology to keep an eye on its population.
But when it comes to cyber security, Israel's influence extends well beyond the territory it occupies.
In 2015, its cyber security exports totalled around $4 billion.
But what does all this cyber success mean for Israel's economy? I'm in Tel Aviv for CyberTech.
It's an annual conference serving as a showcase for Israel's cyber security companies.
Israel's overall economy is one of the strongest in the Middle East, and the cyber security sector is booming.
And some consider the IDF's Unit 8200 to be Israel's internal R&D hub.
Consider this: its alumni are said to have founded more than a thousand companies.
I stopped at a booth where a tech company called Cyberbit was selling its battle-tested products, which are used for both security and surveillance.
(Chattering) And its key technology was developed by veterans of Unit 8200.
Adi Dar is the CEO of Cyberbit.
Who are you selling to internationally? We are selling in North America, we are selling in Asia, we are selling in Europe a lot, and of course in Israel.
I can say that basically we have customers from all the different sectors: financial sector, utilities, health care, governments of course So law enforcement as well? Yeah, of course, of course.
Law enforcement is one significant part of what we do.
Cyberbit sells a product called PSS, which stands for PC Surveillance System.
It's a suite of tools that infects computer with malware in order to gather intelligence.
Why don't you tell me about the PSS system.
Basically it's the opposite of what we do in the cyber security arena, okay? In the cyber security, we are trying to find those hackers, to find those Trojan Horses, and in the cyber intelligence part we are using Trojans in order to collect information.
So offensive and defensive technologies.
But CyberTech isn't just a platform for private companies.
The conference is also a place where Israel and its Prime Minister, Benjamin Netanyahu, can show off the country's cyber strength to the rest of the world.
One of the first conferences that we held here, I said that we intend to be one of the five leading cyber powers in the world.
And I think we've achieved that, but I don't think we should be 5 or 4, and I don't think we are.
BEN: Be'er Sheva is at the northern edge of Israel's Negev desert.
Once a quiet town, it's now a thriving city at the heart of Israel's cyber boom.
The Prime Minister wants Israel to remain one of the world's cyber super powers, and that means bringing together the expertise of academics, the armed forces, and private business.
That's something the government is investing in.
Soon a new tech park will actually share office space with units of the Israeli military.
This might be where the next Duqu is created.
Yuval Elovici is the director of the Cyber Security Research Centre at Ben-Gurion University.
And in this lab we have the people working on malware.
So this is our malware lab.
What kind of malware are they working on? Both on mobile and on PC.
So why don't you show me how you can activate malware with a laser.
It's our assumption in this type of attack that there is already a malware inside the organization, and the malware has an access to a scanner inside the organization.
Now, if the attacker will communicate with the malware via the internet, it may be intercepted by various different mechanisms.
So here we came up with a totally different concept, and the idea was to use a laser.
So now here you can see we set up the software, and then we can just press one button.
The scanner is scanning, receiving the message.
And you know, even if there is not a line of sight, it's no problem.
As you can see, it's very light to put all the attack platform on a drone.
That's crazy.
(Laughing) Israel's a small country, and yet it's connected to some of the most sophisticated malware ever.
We are really, really threatened by other countries, and we need to find innovative ways how to defend ourselves.
And you know, for me, sometimes I am very, very frustrated when I know that somebody is waking up in the morning, and his main goal in life is just to try to damage us.
We are very, very lucky that cyber help us to be secured.
Israel's success in cyber security comes out of the collaboration between the school system, the military, and the private sector.
The Israeli dream in old times was to be a general in the army.
The dream today, the Israeli dream of every Jewish mother is for her son not to be a pilot, not to be a physician, but to go to 8200, serve for few years, then retire, open a start-up, and then sell it for hundreds of millions of dollars.
But not all Israelis are comfortable with the role that Unit 8200 is playing in Israel's economy.
And it's not just a domestic issue.
Israel's reported surveillance of the Iranian nuclear talks was also a thorn in the side of American officials.
And the irony is of course that the US helped the Israelis develop the capability of spying on the Iranians the way they do.
So for some people within the US intelligence agency, this was not a happy moment when they realized or they concluded that the Israelis were using American capability to spy on American negotiations and diplomacy with the Iranians.
And while they have this healthy respect for the Israelis, you know, for a foreign government to be doing that was for the Americans a bridge too far.
The economic perks of Israel's cyber security expertise are obvious across the country.
But those capabilities are designed to support a very unique security agenda.
An agenda that can include spying on everyone from friends and allies to even innocent and vulnerable civilians.