[ISN] Hezbollah cracked the code

From: InfoSec News (alerts@private)
Date: Wed Sep 20 2006 - 03:10:10 PDT


Forwarded from: William Knowles <wk (at) c4i.org>

http://www.newsday.com/news/nationworld/world/ny-wocode184896831sep18,0,3091818.story

By MOHAMAD BAZZI
Newsday Middle East Correspondent
September 18, 2006

AITA SHAAB, Lebanon -- Hezbollah guerrillas were able to hack into 
Israeli radio communications during last month's battles in south 
Lebanon, an intelligence breakthrough that helped them thwart Israeli 
tank assaults, according to Hezbollah and Lebanese officials.

Using technology most likely supplied by Iran, special Hezbollah teams 
monitored the constantly changing radio frequencies of Israeli troops on 
the ground. That gave guerrillas a picture of Israeli movements, 
casualty reports and supply routes. It also allowed Hezbollah anti-tank 
units to more effectively target advancing Israeli armor, according to 
the officials.

"We were able to monitor Israeli communications, and we used this 
information to adjust our planning," said a Hezbollah commander involved 
in the battles, speaking on the condition of anonymity. The official 
refused to detail how Hezbollah was able to intercept and decipher 
Israeli transmissions. He acknowledged that guerrillas were not able to 
hack into Israeli communications around the clock.

The Israeli military refused to comment on whether its radio 
communications were compromised, citing security concerns. But a former 
Israeli general, who spoke on the condition of anonymity, said 
Hezbollah's ability to secretly hack into military transmissions had 
"disastrous" consequences for the Israeli offensive.

"Israel's military leaders clearly underestimated the enemy and this is 
just one example," he said.


Dodging the efforts

Like most modern militaries, Israeli forces use a practice known as 
"frequency-hopping" - rapidly switching among dozens of frequencies per 
second - to prevent radio messages from being jammed or intercepted. It 
also uses encryption devices to make it difficult for enemy forces to 
decipher transmissions even if they are intercepted. The Israelis mostly 
rely on a U.S.-designed communication system called the Single Channel 
Ground and Airborne Radio System.

Hezbollah's ability to intercept and decode Israeli transmissions 
underscores how the Shia group had higher military capabilities than 
many Israeli and U.S. officials thought.

Much of Hezbollah's capability is believed to have come from its two 
main backers, Iran and Syria.

During 34 days of fighting, which ended Aug. 14 under a cease-fire 
brokered by the United Nations, Hezbollah repeatedly surprised Israel by 
deploying new types of missiles and battlefield tactics.

"The Israelis did not realize that they were facing a guerrilla force 
with the capabilities of a regular army," said a senior Lebanese 
security official who asked not to be identified. "Hezbollah invested a 
lot of resources into eavesdropping and signals interception."

Besides radio transmissions, the official said Hezbollah also monitored 
cell phone calls among Israeli troops. But cell phones are usually 
easier to intercept than military radio, and officials said Israeli 
forces were under strict orders not to divulge sensitive information 
over the phone.

Hezbollah eavesdropping teams had trained Hebrew speakers who could 
quickly translate intercepted Israeli transmissions and relay the 
information to local commanders, the Hezbollah official said. Even 
before the war, the group had dozens of translators working in its 
southern Beirut offices to monitor Israeli media and phone intercepts.


Mistakes happen

With frequency-hopping and encryption, most radio communications become 
very difficult to hack. But troops in the battlefield sometimes make 
mistakes in following secure radio procedures and can give an enemy a 
way to break into the frequency-hopping patterns. That might have 
happened during some battles between Israel and Hezbollah, according to 
the Lebanese official. Hezbollah teams likely also had sophisticated 
reconnaissance devices that could intercept radio signals even while 
they were frequency-hopping.

During one raid in southern Lebanon, Israeli special forces said they 
found a Hezbollah office equipped with jamming and eavesdropping 
devices. Israeli officials said the base also had detailed maps of 
northern Israel, lists of Israeli patrols along the border and cell 
phone numbers for Israeli commanders.

That raid highlighted the ongoing spy war between Hezbollah and Israel. 
Since Israeli troops withdrew from southern Lebanon in May 2000 - after 
an 18-year occupation and guerrilla war with Hezbollah - the militia has 
stepped up its espionage efforts against Israel. According to Israeli 
military officials, a special Hezbollah unit recruits Israeli Arabs and 
others to spy for it. The agents are assigned to obtain maps, monitor 
Israeli patrols, gather cell phone numbers and photograph military 
facilities. This information is used to draw up detailed maps and files 
that could be used to direct Hezbollah's rocket and missile attacks.

"After the Israeli withdrawal in 2000, each side competed to spy on the 
other," said Nizar Qader, a retired Lebanese army general who is now an 
independent military analyst. "This intelligence-gathering was essential 
to fighting a war ... Hezbollah appears to have collected better 
information than the Israelis."

After Hezbollah abducted two Israeli soldiers in a cross-border raid on 
July 12, Israel launched its most intense attack since it invaded 
Lebanon in 1982. The offensive crippled the country's infrastructure, 
displaced 1 million people, cut off Lebanon from the world and killed 
more than 1,200 Lebanese - the majority of them civilians. Hezbollah 
fired nearly 4,000 rockets at Israel, killing 43 civilians. Of the 119 
Israeli soldiers killed, the majority were killed by anti-tank missiles.

Hezbollah's ability to hack into Israeli communications made its arsenal 
of anti-tank missiles even more deadly by improving the targeting. 
Throughout the ground war, Hezbollah deployed well-trained anti-tank 
teams to transport these missiles and fire them in ways that would 
inflict heavy casualties on Israeli forces. The units were made up of 
four to six fighters who moved around mostly on foot.

The militia used four kinds of sophisticated missiles that enabled it to 
disable - and, in some cases, destroy - Israel's most powerful armor: 
Merkava tanks. The Merkava is reinforced with several tons of armor, a 
virtual fortress on tracks intended to ensure its crew's survival on the 
battlefield.

All the missiles used by Hezbollah are relatively easy to transport and 
can be fired by a single guerrilla or a two-person team. They all rely 
on armor-piercing warheads. The most prevalent of Hezbollah's anti-tank 
weapons is the Russian made RPG-29, a powerful variation on a standard 
rocket-propelled grenade. The RPG-29 has a range of 500 yards.


Using all their capabilities

Hezbollah also used three other potent anti-tank missiles, according to 
Israeli and Lebanese officials: the Russian-made Metis, which has a 
range of 1 mile and can carry high-explosive warheads; the Russian-built 
Kornet, which has a range of 3 miles and thermal sights for tracking the 
heat signatures of tanks, and the European-built MILAN (a French acronym 
for Anti-Tank Light Infantry Missile), which has a range of 1.2 miles, a 
guidance system and the ability to be fired at night.

Israeli officials say the Kornet and RPG-29 were provided to Hezbollah 
by Syria, which bought them from Russia in the late 1990s. Russian 
officials are investigating whether Syria violated an agreement that 
these weapons would not be transferred to a third party.

Analysts say Hezbollah used all its capabilities - eavesdropping, 
anti-tank missiles and guerrilla fighting skills - to maximum effect.

"The information collected by signals intercepts was being used to help 
direct fighters on the battlefield," Qader said. "These are tactics of a 
modern army."

Sonia Verma contributed to this story from Jerusalem.

-=-

Key events

July 12. Hezbollah kidnaps two Israeli soldiers in a cross-border raid.

July 13. Israel begins bombing the runways at Beirut's airport and 
imposes a naval blockade of Lebanon. Hezbollah rocket attacks strike the 
northern Israeli city of Haifa.

July 18. The United States, others step up evacuations of their citizens 
from Lebanon.

July 22. Israeli ground troops enter Lebanon.

Aug. 6. Hezbollah rocket attacks kill 12 Israeli soldiers and 3 others 
in deadliest day for Israel in nearly 4 weeks of war.

Aug. 12. The UN Security Council approves a resolution calling for a 
"full cessation of hostilities."

Aug. 14. Cease-fire takes effect.

Copyright 2006 Newsday Inc.



*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*


_________________________________
HITBSecConf2006 - Malaysia 
The largest network security event in Asia 
32 internationally renowned speakers 
7 tracks of hands-on technical training sessions. 
Register now: http://conference.hitb.org/hitbsecconf2006kl/



This archive was generated by hypermail 2.1.3 : Wed Sep 20 2006 - 03:23:45 PDT