Hacking Gantz: Separating Fact From Fiction
Analysts and officials stress that all phones are vulnerable and it is unlikely the Blue and White leader’s had sensitive information
Separating fact from fiction regarding Iran’s alleged hacking of Blue and White party leader Benny Gantz’s phone is complicated by the charged political atmosphere in Israel. With elections less than a month away, the campaign is characterized by a war of words between the former military chief and members of Binyamin Netanyahu’s ruling Likud.
Analysts have near-uniformly stressed that commercial cell phones are vulnerable to attacks and it is unlikely a former commander of the Israeli army – who re-entered civilian life some four years ago – would have state secrets stored on his mobile device.
“Hackers can use different methods to find vulnerability in codes that nobody knows about, which then allows them to execute demands and gain direct access to the contents of a phone,” Adonis Azzam, research team leader at ThinkCyber, a company specializing in security consulting and training, explained to The Media Line.
“Today, most phones come completely exposed, and this is why attackers can manipulate users to install applications, respond to spam emails or click on links that allow them to take control of the system. In the case of ‘zero-click’ technology,” he said in reference to the method Iran may have employed in Gantz’s case, “there are Internet tools that can be used to create a connection to the target without them knowing.”
The confusion has been compounded by exaggerations – and, perhaps, concerted distortions – inherent to all electioneering. This is manifest, for instance, in the latest Likud ads claiming “the Iranian regime openly supports” Gantz, since Netanyahu’s hardline policies are partially credited with persuading U.S. President Donald Trump to nix the 2015 nuclear accord and reimpose sanctions on the Islamic Republic.
For its part, Blue and White has called on Israel’s attorney general to launch an investigation into the leak – which, as a corollary, has thrust Netanyahu’s legal woes back into the spotlight – based on the assumption that intelligence related to the hack was gathered by an agency under the prime minister’s authority.
Gantz, however, is not entirely without fault, having initially fueled ambiguity by suggesting that his phone was, in fact, compromised (before reversing course and referring to the ordeal as “political gossip”), which is supported by accounts that he was informed of the breach shortly after announcing his candidacy in December.
“Gantz received a warning about the hack from the Shin Bet [Israel Security Agency], which did not take any action other than leave it up to him to take whatever steps were deemed necessary,” former Mossad head Danny Yatom confirmed to The Media Line. “This suggests no harm was done to the security of the State of Israel, as high-ranking officials are anyway cautious about what they put in their phones.”
Yatom likewise noted that Gantz’s cell was “no more secure than others” and that the Israeli government did “not provide additional protections in this respect.” He further implied that the greater danger to Israel was the politicization of a relative non-issue that has deflected attention away from more urgent matters.
The concurrent revelation that Russia purportedly supplied Iran with phone-hacking technology, thereby raising comparisons to Moscow’s interference in the 2016 U.S. presidential elections, has created a perfect storm of circumstances clouding what observers told The Media Line warranted a behind-the-scenes probe rather than a more-than-thorough airing in the media.
“There are three main attack vectors in a hack, namely, the interception of calls, the injection of malware into the phone and the physical extraction of sensitive data,” Noam Potter, a senior manager at Communitake, which develops mobile protection platforms, told The Media Line.
“In order to avoid all of these,” he said, “the main idea is to control the environment in which the phone is used. This necessitates a multi-layered defense system when browsing websites and downloading applications. Then there is a need for technology that identifies if a device is penetrated and prevents hackers from removing data.”
Some observers have described the Gantz hack as unremarkable and emphasized to The Media Line that the main takeaway has been lost in the resulting political brouhaha. Last year, they noted, a “hacktivist” posted online the private numbers of many Israeli politicians, including President Reuven Rivlin, whereas civilians in the recent past bombarded Israeli parliamentarians with thousands of WhatsApp messages expressing discontent with various policies.
Perhaps most strikingly, prior to Gantz’s formation of Blue and White, his Israel Resilience party released the personal phone numbers of dozens of Likud candidates while urging supporters to send them missives denouncing Netanyahu’s decision to allow Qatar to transfer tens of millions of dollars in cash to Hamas. Gaza’s rulers, meanwhile, previously were accused of having hackers create fake dating apps that induced an estimated 100 Israeli soldiers to download malicious software onto their mobiles.
Nor is this a uniquely Israeli phenomenon, with the private data of German politicians, including Chancellor Angela Merkel, having been leaked in January. Three months earlier, reports surfaced that China was eavesdropping on Trump’s personal phone calls. Meanwhile, a massive scandal erupted during former president Barack Obama’s tenure when Edward Snowden revealed that Washington was listening in on the conversations of more than 30 world leaders, among them the heads of Western European allies.
The point, then, is not that the Gantz hack is unimportant; rather, that Israelis might be better served if the present focus was on developing enhanced firewalls for individuals who are privy to classified information as opposed to the prospect of Iranian President Hassan Rouhani ringing up the Blue and White leader to offer congratulations should he win the upcoming vote.