Terrorists using eBay and Reddit to send coded messages: Mossad

In 1999, author Gordon Thomas took readers where they had never been before — inside the clandestine world of Israel’s spy agency, the Mossad. Now, in a new 2015 edition of his book “Gideon’s Spies: The Secret History of the Mossad,” Thomas adds two chapters about Israel during the Arab Spring. In this exclusive excerpt, he explains how the Mossad is using its new cyberwarfare department to track threats and attack Iran’s nuclear capacity.

Mossad’s cyberwar unit had its own slogan: “Tomorrow is zero hour.”

The words came from a phone message intercepted by the American National Security Agency (NSA), which had turned out to allude to the 9/11 attack on the World Trade Center and the Pentagon. The warning had come too late.

The 11th director of Mossad, Tamir Pardo, was determined that Israel would not make the same mistake. It would not be too late to stop Iran from getting a nuclear warhead.

To do that, they’d need a new bunker-busting bomb which the United States Air Force had successfully tested. Code-named BU-57B, the bomb weighed three tons and would penetrate 200 feet of rock.

At one of Pardo’s weekly senior staff meetings in fall 2013, there was agreement that Washington would hold off delivering the bomb to Israel until it became clear what Iran’s new leader, Hassan Rouhani, would do at the forthcoming meeting in Geneva to discuss a deal on its nuclear program.

In the meantime, Israel had other weapons.

Mossad’s Department of Psychological War waged a propaganda war in the region. For instance, when Mahmoud Ahmadinejad had been in power, it had produced a cleverly researched story showing the Iranian president had Jewish ancestry. It had been widely published in Arab and other countries.

Pardo, meanwhile, knew the importance of cyberwarfare. He had been one of several officers who had undergone training at the NSA and had taken part in some “soft” espionage missions, including hacking into Iran’s version of Facebook and other social-network sites.

When he had visited the unit in 2010, Prime Minister Benjamin Netanyahu told them that their electronic battles against cyberattacks were regarded as Israel’s most important defense. He had come to thank them for the software program they had helped to design to attack the centrifuges at Iran’s nuclear enrichment facility at Natanz.

An undercover field officer, called a katza, had been trained in how to insert the malware before the Iranian scientists at the nuclear enrichment plant had spotted its presence. The unit had called the malware Stuxnet, to reflect the many months needed to create the malicious software program that had, in Netanyahu’s words, slowed “Iran’s race to create a bomb by up to three years.”

Terror on eBay

The successful Stuxnet operation increased the profile of cyberwarfare. Iain Lobban, the head of Britain’s Government Communications Headquarters, revealed the country’s Ministry of Defense was targeted over 1,000 times a month. He identified the attacks as mostly coming from the Tenth Bureau, the highly secret department of China’s People’s Liberation Army responsible for science and technology.

In the United States, Gen. Keith B. Alexander, the head of the Pentagon’s Cyber Command, confirmed that “our targets are enemy military command centers that we can reach from cyberspace. We know China’s cyberspies are under strict orders to target any of our organizations, from government to hedge funds, whose secrets may be of benefit to Beijing.”

A number of the most skilled cryptologists in the Mossad unit had become its code-breakers and code-makers. They had mastered steganography, the practice of concealing secret information within a digital file.

They discovered that al Qaeda used the technique, encrypting its messages in goods offered for sale on eBay.

Several other Mossad operatives spent their time tracking the Internet message board Reddit. More than once, it had led an operator to a terrorist using hexadecimal characters and prime numbers. Decoded, they sometimes indicated an attack was being planned or even about to happen.

Mossad and MI5 are investigating how, in the wake of the Charlie Hebdo massacre in Paris, both ISIS and al Qaeda are concealing messages to their followers. Both Mossad and MI6 confirm there has been an increase in traffic.

Besides eBay, messages are often hidden in the “X-rated pornographic pictures which conceal documents and orders for the next target,” said one intelligence source.

MI6 and Mossad have recruited linguist specialists in Arabic, Urdu and Pashto to translate the online magazines that both al Qaeda and ISIS are publishing with instructions.

When it appears an attack could take place in a certain country, Mossad sends details to that nation’s intelligence service’s cybercommand.

Mossad’s most experienced cryptologists were chosen for their skill in accessing an area inaccessible to the search engines of Google, Yahoo and Bing. Called the Dark Side, it contained billions of Web pages and is estimated to be 5,000 times larger than any other on the Internet. The Dark Side is where the Mossad has continued to fight a keyboard war like no other.

Unlikely allies

In late October 2013, Pardo had received an invitation to meet with Arab intelligence chiefs. He had expected that the meeting would primarily deal with the current situation about terrorist activities in the region, including drug smuggling and human trafficking.

The Dubai meeting turned out to have greater significance. The Saudi intelligence chief, Prince Bandar bin Sultan, had been accompanied by Crown Prince Salman bin Abdulaziz al Saud, the deputy prime minister and minister of defense.

They had asked for a private meeting with Pardo, at which he was offered the reassurance that the Chinese rockets that Israeli spy satellites had spotted in Saudi Arabia’s desert were only there to protect their country from an enemy they both shared — the Republic of Iran.

Prince Bandar added they both knew that their countries shared concerns which at times put them at odds with the United States. The crown prince felt the Iran threat had reached a stage where it must be handled.

That was the start of several meetings which had taken Pardo to Riyadh and Amman to meet with both the royal princes and senior Saudi military officers. By November, it had been mutually agreed that Israel could use Saudi airspace to launch air attacks on Iran’s nuclear facilities, and that Israeli drones, rescue helicopters and tanker planes could be positioned over Saudi Arabia and the Red Sea and have refueling facilities at various Saudi airfields.

The arrangements would come into operation in the event of the Geneva talks failing to satisfy both sides.

At one of the meetings in the Jordanian port of Aqaba, the spy chiefs had each brought their cyberspecialists to discuss the production of a malware more devastating than Stuxnet to spy on and destroy the latest software structure of Iran’s nuclear program.

The Saudi delegation had indicated it was ready to finance further research. Crown Prince Bandar had told Pardo there would be “no limit to cost.”

The United States appears to be pushing for a deal with Iran, but Netanyahu does not trust their leaders. He has ordered Mossad to gather all evidence of Iran violating the deal.

He told Pardo: “Israel may well have to look for delivery of those bunker-busting bombs from America for what will have been a historic mistake in believing another Iranian president.”

Adapted with permission from “Gideon’s Spies” by Gordon Thomas. Out this month from St. Martin’s Press.