The agonising evening vigil watching the tortuous
transfer of hostages to the Red Cross ambulances at one of the Gaza border
crossings, is an all-consuming experience.
Time and again we ask how Israel with all its cutting-edge
technology was hoodwinked so easily.
An exposé published recently told how security
personnel, in the military and government echelons dismissed surveillance
reports, not bothering to check them thoroughly.
Soldiers
in the IDF’s prestigious 8200 signal intelligence unit reportedly warned senior
officers before the October 7 ferocious attack that Hamas was preparing a
highly organised and meticulously planned mass
incursion, but were told their concerns were “delusional.”
The
exposé was one of a number of
reports aired
over the past
month claiming the IDF had
received advance warnings of a possible Hamas attack, including reports filed by
IDF surveillance personnel based on the Gaza border detailing unusual Hamas training
exercises carried out before October 7.
According
to TV Channel 12 and other news outlets an officer in Unit 8200 compiled a report from an array of
raw intelligence data detailing a scenario that essentially predicted the
October 7 incursion.
She,
together with another officer, also pointed to a Hamas exercise
carried out a
month before the actual attack, noting that it included preparations for a large incursion with multiple entry points
into Israel.
“They were told in real-time. There were so
many things that should have alerted them well
in advance,” an unnamed source from Unit 8200 told the Kan news network.
Another report claimed that
before October 7, the IDF ‘acquired’ a Hamas
terror manual that described how to break through the hitherto assumed-to-be impenetrable IDF barrier along
the Gaza Strip.
The manual described taking over IDF
positions, capturing kibbutzim and towns in the region, killing and kidnapping
residents.
It described how pick-up trucks would be used in the attack, along with motorbikes and hang-gliders.
Understandably, even if they had acknowledged the reports the inner
circle of decision makers in the IDF and the government faced a dilemma. An Israeli preemptive attack would
undoubtedly be condemned by the UN, unfriendly nations and friendly nations
alike. Even President Biden would be hard put to support such an action.
That being said, stationing
additional forces, particularly
armoured and artillery units along the Gaza Strip border would require
mobilising reserve army units, reminiscent of the situation Israel faced at the
time of the Yom Kippur War. Perhaps an assertive action short of calling up
reserve army forces, telegraphing to Hamas that we are aware of what they were
planning, could have warded off the October 7 attack. I hasten to add that this is my unqualified layman’s
opinion.
At
this juncture I want insert a margin note: -
Unit
8200 is an Israeli Intelligence Corps unit of the IDF responsible for
clandestine operations, collecting signal intelligence and code decryption,
counterintelligence, cyberwarfare, military intelligence, and
surveillance. The unit is a branch of the Military Defence Directorate.
Earlier this week I read a summary of a publication
issued by the Begin–Sadat Centre for Strategic
Studies (BESA Centre) an Israeli think tank affiliated with Bar-Ilan University. BESA conducts
policy-relevant research on Middle Eastern and global strategic affairs, specifically related to
national security, Israel’s foreign policy and
regional peace and stability.
For the sake of brevity, I am
‘cherry-picking’ from the summary and rephrasing some of it.
“Hamas gathered
information on Israel, much of it unclassified, and successfully used it to
carry out the largest and most devastating terrorist attack in Israel’s
history.
At the core of every advanced organisation’s information security
and cyber defence lies a mechanism for risk management. This mechanism weighs
the likelihood of the realisation of intelligence and technological threats
against the potential damage resulting from an information leak. Risk
management allows a focus on the protection of significant assets and ensures,
as much as possible, that threats against them are eliminated. The less favourable alternative is “protecting everything,” an
approach guaranteed to be ineffective due to innumerable “secrets” and limited resources.
The summary attempts to describe a
phenomenon termed the “unclassified secret,” namely, information that is not classified by definition but which still
holds great value for an adversary seeking to harm a country or organisation.
In a democratic and open society, the freedom of information is a fundamental right. The ability
of people in society to share information is vital for progress and
development. It provides the infrastructure for citizens to be engaged, oversee
the authorities, criticise them, and form independent opinions through free and
reasoned discussion. In this way, public information, or unclassified security information, is accessible
to everyone – including foreign actors and enemies – especially as platforms
for its distribution and accessibility continue to evolve.
The events of October 7 will be investigated thoroughly, but it can already be said that Hamas constructed a good
intelligence assessment of Israel’s
defence components along the Gaza border fence.
This enabled Hamas to neutralise some of the sensors and detection
capabilities, prevent effective control of events on the Israeli side, and
operate effectively inside the military positions and communities it overran. In addition to military information, Hamas had public, private, and administrative information that facilitated its
operations inside the communities it attacked. Moreover, Hamas possessed freely available maps
and detailed information about specific sites within the Israeli communities, some of which can be found online (such as
addresses of senior officials) and information that could be collected through
human sources (HUMINT), such as the locations of first response teams, IDF camps and defence
perimeters of the communities, and more.
Examining the security information collected by Hamas over the
years, reveals that a
significant part of its intelligence is based on information that is not
classified by definition. For example, most of the human collection elements
(HUMINT) recruited by Hamas were instructed to mark locations throughout Israel
that are visible to all. In addition, Hamas collected a wealth of information
from Israeli media about Israeli society, issues related to the Gaza periphery communities, and Israel’s
military capabilities, all of which was discussed openly.
These facts together constitute a particularly challenging
phenomenon referred to as the
“unclassified secret.” This is information that is defined either as public or
unclassified by the authorities, is nevertheless, highly valuable to hostile actors that collect it for their
purposes. In the case of a terrorist organisation like Hamas and an attack like
the one it carried out, tactical and micro-tactical information defined as
unclassified, as well as public information
that is openly accessible, become extremely valuable, especially when it
provides details that complement information collected from other undisclosed
intelligence sources operated by Hamas or other terrorist organisations.
For example, in a scenario in which terrorists plan to attack
settlements on the Gaza border, maps of Israel that are available on Google
Earth constitute valuable information for the enemy. Obviously, Israel can’t demand that the
internet should remove all open-source information.
The other extreme is to say the unclassified secret is the
inevitable bane of a democratic and open society, especially in areas of risk
and near hostile borders. Consequently, there is
nothing that can be done to reduce the risk inherent in the phenomenon.
Therefore, we should
delineate a few guiding principles with which to approach situations in which
unclassified secrets of a kind highly valuable to the enemy are easily available.
Unclassified information must be addressed systematically in the
context of the impact of public knowledge of
security components that enable the enemy to exploit it for operational
purposes. The “unclassified” domain must be
addressed within situational assessments while realising and considering its
value to the enemy.
In this context, attention should be given to public sources of information that require protection, monitoring, and control, in particular:
First response
teams, public-military
relations, settlement defence systems, and reinforcement forces.
Human concentrations that could serve as prime targets for attack,
both permanent and occasional (public transportation stations, event halls,
parks, etc.).
Residences of senior officials, security personnel, local leaders,
etc.
Technological assets (websites, servers, cameras, etc.) in the public domain.
Within this framework, the trend should be towards reducing the
ease of obtaining non-essential public information, such as: protecting databases according to privacy
protection regulations, defining target groups who are prohibited from keeping
a high personal digital footprint, monitoring digital impropriety and issuing
warnings for prevention and damage reduction, and even considering tighter
censorship. Regarding military information that is published for various
reasons by security officials, the balance between their needs and information
security must be reevaluated. As in many cases, this information becomes
“unclassified secrets”: information approved for publication by the authorities
that ends up aiding the enemy.
For example, in the context of the human threat, when Hamas openly
trains and declares its intention to attack communities on the Gaza border,
this should prompt a reconsideration of work-permit policies so as to prevent the possibility of Gazan workers,
or those with potential connections to the powers in the Gaza Strip, working in
these communities and gaining access to unclassified secrets. Similarly,
increased awareness is needed regarding intelligence-gathering by civilians
around security sites and places frequented by
large numbers of people.
The interface between the security and the public domain, and between the unclassified and classified areas, poses a significant challenge when trying to provide a fitting
and balanced response to the problem of unclassified secrets. The formation of
security policies in this context is complex and will require attention,
resource allocation, legislation, and broad cooperation. The need to maintain
maximum information freedom while recognising security constraints – a
challenge that accompanies democracies worldwide, including Israel – will only
continue to grow.
Of course, even after the formulation and implementation of policy
guidelines, the reasonable working assumption is that the enemy will continue
to obtain valuable information. Accordingly, in all defensive arrangements,
military or civilian, practical consideration should be given to the
information load that the other side has, including unclassified yet useful
material. Correspondingly, a complementary defensive or offensive response is
required.
The battle over unclassified secrets is here to stay. We must be
aware of it and prepare ourselves accordingly.”
The summary was compiled by Dr. Natanel
Flamer a senior lecturer at the Department of Middle Eastern Studies, Bar-Ilan University and senior researcher at the Begin-Sadat Centre for Strategic Studies. Dr.
Flamer specialises in intelligence, terrorism, and asymmetrical warfare in the
Middle East.
Lieut. Col. (ret.) Erez Magen also contributed to the summary. He is an information security and cybersecurity expert, founder of Magen
Cyber, which provides security solutions to security organisations and
companies in Israel and around the world.
No comments:
Post a Comment