By Dan Williams, Reuters, July 7, 2009
RAMAT HASHARON, Israel (Reuters) - In the late 1990s, a computer specialist from Israel's Shin Bet internal security service hacked into the mainframe of the Pi Glilot fuel depot north of Tel Aviv.
It was meant to be a routine test of safeguards at the strategic site. But it also tipped off the Israelis to the potential such hi-tech infiltrations offered for real sabotage.
"Once inside the Pi Glilot system, we suddenly realized that, aside from accessing secret data, we could also set off deliberate explosions, just by programing a re-route of the pipelines," said a veteran of the Shin Bet drill.
So began a cyberwarfare project which, a decade on, is seen by independent experts as the likely new vanguard of Israel's efforts to foil the nuclear ambitions of its arch-foe Iran.
The appeal of cyber attacks was boosted, Israeli sources say, by the limited feasibility of conventional air strikes on the distant and fortified Iranian atomic facilities, and by U.S. reluctance to countenance another open war in the Middle East.
"We came to the conclusion that, for our purposes, a key Iranian vulnerability is in its on-line information," said one recently retired Israeli security cabinet member, using a generic term for digital networks. "We have acted accordingly."
Cyberwarfare teams nestle deep within Israel's spy agencies, which have rich experience in traditional sabotage techniques and are cloaked in official secrecy and censorship.
They can draw on the know-how of Israeli commercial firms that are among the world's hi-tech leaders and whose staff are often veterans of elite military intelligence computer units.
"To judge by my interaction with Israeli experts in various international forums, Israel can definitely be assumed to have advanced cyber-attack capabilities," said Scott Borg, director of the U.S. Cyber Consequences Unit, which advises various Washington agencies on cyber security.
Technolytics Institute, an American consultancy, last year rated Israel the sixth-biggest "cyber warfare threat," after China, Russia, Iran, France and "extremist/terrorist groups."
The United States is in the process of setting up a "Cyber Command" to oversee Pentagon operations, though officials have described its mandate as protective, rather than offensive.
Asked to speculate about how Israel might target Iran, Borg said malware -- a commonly used abbreviation for "malicious software" -- could be inserted to corrupt, commandeer or crash the controls of sensitive sites like uranium enrichment plants.
Such attacks could be immediate, he said. Or they might be latent, with the malware loitering unseen and awaiting an external trigger, or pre-set to strike automatically when the infected facility reaches a more critical level of activity.
As Iran's nuclear assets would probably be isolated from outside computers, hackers would be unable to access them directly, Borg said. Israeli agents would have to conceal the malware in software used by the Iranians or discreetly plant it on portable hardware brought in, unknowingly, by technicians.
"A contaminated USB stick would be enough," Borg said.
Ali Ashtari, an Iranian businessman executed as an Israeli spy last year, was convicted of supplying tainted communications equipment for one of Iran's secret military projects.
Iranian media quoted a security official as saying that Ashtari's actions "led to the defeat of the project with irreversible damage." Israel declined all comment on the case.
"Cyberwar has the advantage of being clandestine and deniable," Borg said, noting Israel's considerations in the face of an Iranian nuclear program that Tehran insists is peaceful.
"But its effectiveness is hard to gauge, because the targeted network can often conceal the extent of damage or even fake the symptoms of damage. Military strikes, by contrast, have an instantly quantifiable physical effect."
Israel may be open to a more overt strain of cyberwarfare.
Tony Skinner of Jane's Defense Weekly cited Israeli sources as saying that Israel's 2007 bombing of an alleged atomic reactor in Syria was preceded by a cyber attack which neutralized ground radars and anti-aircraft batteries.
"State of War," a 2006 book by New York Times reporter James Risen, recounted a short-lived plan by the CIA and its Israeli counterpart Mossad to fry the power lines of an Iranian nuclear facility using a smuggled electromagnetic-pulse (EMP) device.
A massive, nation-wide EMP attack on Iran could be effected by detonating a nuclear device at atmospheric height. But while Israel is assumed to have the region's only atomic arms, most experts believe they would be used only in a war of last resort. (Editing by Jeffrey Heller and Mark Trevelyan)