Top Secret: Rare Look at IDF Cyber Defense Unit

Senior officer speaks to media about IDF’s unique cyber defenses, enemy efforts to breach sensitive military networks.

IDF cyber defense unit (Archive: Eden Briand, IDF/Creative Commons)

The IDF faces daily attempts by hostile countries and hackers to breach its cyber defenses, a high-ranking officer says. The senior commander spoke to N12 News after the military censor approved a rare report on one of the army’s most sensitive units, the Cyber Defense Division.

The IDF is a very attractive target for attack and copes with hundreds of cyber strikes per year, the officer said. Hostile players aim to sabotage the army’s operations for political reasons or personal glory, he said.

To counter the threat, the army set up several layers of security that are almost impossible to penetrate, the report said.

As a first line of defense, the IDF takes steps to block attacks before they’re launched. The army and security services collect intelligence on potential plots and use advanced tools to identify attackers even before they approach the IDF’s systems.

Just as field units carry out patrols and surveillance, cyber defenders do the same in the virtual world, the officer explained. In case of an attack, the IDF activates special intervention teams with highly advanced capabilities.

The key challenge is not only to neutralize strikes, but also to identify their origin. The IDF invests great effort in tracing the source of attacks but refuses to divulge this information.

This relates to the army’s reluctance to discuss its offensive capabilities and Israeli reprisals against foreign enemies. However, Chief of Staff Aviv Kochavi recently confirmed that the military carried out numerous offensive operations last year.

IDF’s cyber red team

The Cyber Defense Division also employs a red team that simulates enemy actions and exposes weaknesses in the army’s defenses.

“These are the most talented cyber attackers in the country, and they simulate rivals with deep pockets, not just lone hackers,” the senior officer said. These specialists detect vulnerabilities that only a few hackers in the world can exploit, he said.

The red team engages in unique exercises, and in one case disabled real-time IDF capabilities so that cyber defenders could experience an authentic attack. These kinds of realistic training scenarios are not carried out elsewhere, the army said.

A key component in the IDF’s efforts is the Center of Encryption and Information Security. This secretive unit designs defenses and protections for the army’s classified systems and databases. It also shares its expertise with Israel’s intelligence agencies and government bodies.

Last week, 42 of the country’s brightest young minds completed the unit’s training course, the IDF said. The intense study program covers diverse topics, including different coding languages, communication networks, operating systems, cryptography, math and electronics.