Anyone who deals with technology, or is familiar with it, can't remain indifferent to what is happening in the IDF's Unit 8200. The technological breakthroughs, the intelligence superiority, the advances – these all position the unit, and Israel, as a world leader that is at the same level as the US, Russia, or China.
Follow Israel Hayom on Facebook and Twitter
The public is virtually unaware of all this. By its very intelligence/operational nature, 8200 mostly operates in the shadows. When it makes headlines, it's usually in a less-than-positive context, one that focuses on the typical profile of the soldiers who serve in it or the enormous salaries its veterans earn when they enter the world of high-tech.
Very little is said about the unit's real work, or how important that work is to Israel. This has to do with a genuine concern about losing assets or exposing intelligence to the enemy, thus hurting the enormous superiority of intelligence Israel has over its enemies (and sometimes, its partners). So this interview is a rare and one-time peek into the unit's activity and the future of the technological world it operates.
In an exclusive interview to Israel Hayom, Col. Y., deputy commander of the unit's digital operations, reveals that the unit has made a breakthrough in its ability to identify targets automatically, which he says will comprise a dramatic blow to the enemy's abilities in the wars to come. He also shares details about how Israel is handling Iran and Hezbollah, saying, "There is no technological-intelligence problem that does not have a solution."
Y. is married to Michal, whom he met while they were both serving in the unit, and they have two young daughters. He grew up in Rishon Lezion, enlisted in 8200 and has remained there while rising through the ranks. He has served as head of planning as well as commander of one of the unit's centers of operations, as well as intelligence aide to both Aviv Kochavi (now IDF chief of staff) and Herzi Halevi when they were heads of the Military Intelligence Directorate. Y. has a BA in law and history from Tel Aviv University and an MA in business administration from TAU and an MA in public policy from Harvard. A decade ago, he was awarded the Israel Security Prize for his work in promoting the unit's cyber capabilities.
According to Y., 8200 has undergone dramatic changes in the past few decades. He points to four main reasons: The first has to do with the "red" site, the enemy. "When I arrived, the enemies were mainly state entities. We were a passive unit that operated mostly based on the lessons of the [1973] Yom Kippur War. Today, on the spectrum from the Iranian nuclear program to a lone terrorist in Judea and Samaria, from states to terrorist armies, the difference is endless, and there is no one recipe for how to do it correctly."
The second reason stems from the "blue" side – us. "The time between wars demands a completely different pace from the organization. We used to deal with warnings about a war, and a few times a year we'd have to provide backup for a special operation. Today we take offensive action nearly every day. The issue of partnering on operations is also different. In the past, 8200 served only the strategic echelon. The first time I arrived at a field command center, I was already a seasoned major. Today, our intelligence serves the field. I'm friends with battalion commanders, and cooperate closely with them.
The third reason is changes to technology. "We started out by listening. Nasser and Hussein talked, and we'd listen to the conversation using some tools or others. Today it's a completely different kind of intelligence. When I have access to your computer, I get things that you never planned to communicate to anyone else in the world. It's a transition from passivity to activity, and that's a totally different kind of intelligence. The amount of valuable intelligence in the world hasn't changed, and secrets remain secret – but it's now much more complicated to extract them."
Q: More complicated?
"When my grandfather wanted to tell the universe something, he would pick up his dial telephone and talk. Same for leaders. Anything they had to say to the world, they said on the phone. Today, anyone who understands a thing knows to keep away from digital media as much as possible, and we need to maneuver through an endless quantity of background noise and know to separate the wheat from the chaff," Y. says.
The fourth reason is related to who and how intelligence is created. "There aren't any more new immigrants from Arab countries or children of [those immigrants] who speak Arabic at home. Today, these are kids who are taken out of high school who don't know a word of Arabic or Farsi, and you teach them everything they know. We've also had to reorganize, become multidisciplinary, in order to better use the intelligence," he explains.
All these have led to a revolution within 8200. In the past, the unit was mainly focused on collecting intelligence. Today, it also deals with utilizing it. This is also how labor is divided between the unit's two deputy commanders: Y deals with the intelligence his counterpart is tasked with collecting. An immense amount of information comes in daily from a variety of sources (computers, cellphones, correspondence, apps, bugging, and more), and it all requires analysis and mostly the ability to prioritize and triage.
"The technology of how to become a digital organization and how to correctly make the most of masses of data exists in the world. But I can't go to Google or Facebook or Microsoft and take it from them, or bring in a company like McKinsey to help me do it right. In this world, every organization is on its own. We had to do everyone alone."
Q: Do you have intelligence lacunas?
"There's no lack of data here. On the whole, there is no target that can't be cracked, given the appropriate effort."
Q: Explain.
"In this world, the defender and the attacker have different missions. The defender needs to protect what is often an unlimited space. The attacker needs to find one weak link and use it to penetrate. In my experience – and I have some perspective – the moment we've decided that a certain target was valuable enough, [cracking it] became feasible, even if it took a few years and huge amounts of IQ."
Q: The enemy is learning, too.
"And it's a crazy competition to learn. The enemy aren't idiots. They see things. They ask questions. They want to understand how exactly we got to a certain place and managed to attack it. It's a constant challenge that requires us to keep moving all the time. It's a challenge that is becoming more complicated, because we used to talk about a golden source or golden piece of intelligence, and today we have a huge variety of sources. The key is to know how to make the most of them, work them, get something out of them."
The event that led to a dramatic change in the enemy's understanding of Israel's capabilities was the operation that snuck the Stuxnet malware into the computer system of Iran's Natanz nuclear facility, interfering with its centrifuges.
"That event, and especially after the Snowden incident. The world has emerged from the cyber dark ages. Today, everyone knows everything. It requires us to improve. Happily, the technological vector leads to more platforms and more connections, which as far as we're concerned are more potential springboards for attacks."
Q: You said that the enemy understands. That they aren't stupid. So how do you manage not to get exposed?
"There are entire systems that have existed here for years whose job it is to ensure that we defend our strategic assets and our methods."
Israel is a cyber superpower, and 8200 is its engine. "I don't want to hand out grades. You can debate about whether we're in the top three or top five, but we're in the big league. I say that with confidence, and also with reservations – what we have is not trivial. It's fragile. And we need to work hard every day to protect it."
Subscribe to Israel Hayom's daily newsletter and never miss our top stories!
Y. says that this rests, first and foremost, on people. "This organization's biggest success is the quality of its people. This is very prominent when compared to our partners overseas. We can take any 18-year-old, put them through an intensive series of tests, make exact choices about who is most talented and brilliant, pay them a standard military salary of $300 a month, and assign them to cope with the most complicated cyber challenges and the most complicated intelligence questions, all in a dynamic environment and under commanders who give them a sense that they can do it. It all comes down to this. Ultimately, it's the corporals and lieutenants who lead this organization."
Q: How hard is it to get them to extend their service, given the temptations in civilian life?
"The temptations and competition 'outside' are currently fantastic. People get offers that are several times more than what they make here. I stayed in the army for two main reasons: because it's the most interesting thing I've done in my life, and because I've met the best, most talented people I've ever encountered here. People stay because it is meaningful. They have the ability to influence, they have a broad scope of management while they are still very young. A young guy can command hundreds of people here, with operational missions 24/7, with insane technology and challenges. This is what keeps people here. We can never compete when it comes to money."
Q: There have been reports that people are trying to steal not only your personnel, but also your secrets.
"We're aware of the dangers that have increased, among other things, because of greater involvement in offensive cyber capabilities. Here we have people whose job it is to ensure that our secrets remain with us, and people don't do things they aren't supposed to do."
Q: How disturbed are you by the current outrage over the Israeli offensive cyber industry? In the end, anyone who goes after them could come after you.
"We operate under the authority of and with the permission of the Israeli government, and the highest echelons know what we do and are updated on it. And we have made the choice not to be in contact with the civilian offensive cyber firms."
Q: Why?
"It's a strategic decision we made. The bottom line is, we prefer to cut ourselves off from them."
Every mission 8200 carries out is approved by the topmost echelons of both the IDF and the government Y. says that in that respect, there is no difference between cyber actions and battle offensives, or the launch of weapons at enemy targets.
"There is a lot of similarity between the process of getting a physical action approved and the process of approval for a cybernet one," he says.
Intelligence is collected in a variety of ways: online, from the air, from the sea, on land, and more. It is fed into the MI Directorate's information database, which includes the vast majority of data that exists in the IDF. It was established to make the most of intelligence, what the IDF knows about the enemy. 8200 has been made responsible for this process, and its role includes recording the information, analyzing it, and disseminating it to various officials.
During Operation Guardian of the Walls in May, an innovative new machine was tested for the first time. "We implemented capabilities that we have developed here when it comes to listening, test, pixels, and how all these are structured, and the ability to work them and make them accessible in a way that is relevant to making operative decisions such as deciding on targets."
Q: Be specific. Does this machine know how to create targets on its own?
"Take, for example, a hole used to fire rockets. It's not enough that I collect information about various sensors. I need to locate disturbances on the ground ahead of time. If someone is digging, moving dirt, maybe there's a stretch of fabric covering it to hide the activity, or someone plants something, covers it, and leaves. I operate a super-heavy algorithm about all the visible information collected through a variety of means – from satellites to lookout points – locate the disturbance, find the cloth – which looks no different from any clothesline in Gaza – locate the number of days the digging took place, and can integrate all this with intelligence from other sources and make it into coordinates.
Q: And still, 4,000 rockets were fired at Israel.
"This is a new machine that has only been in operation a few months. This means we have a machine, we have a system, and it works. It's not hermetic. But I think that with the system we've developed, we can overcome this challenge."
The system Y. is describing is called "Gospel," and it is an application that recommends targets. "You receive automatic target recommendations. This doesn't cancel the need to research targets, and it doesn't eliminate the need for analysis, but the system provides recommendations. During Guardian of the Walls the system alone created hundreds of new targets in only four days."
Q: Is it also effective 'between wars'?
"Between wars, we try, for example, to map the Iranian presence in Syria. For that, we need to do smart geography, using endless sensors that give us a work surface that serves as a base for researchers who identify the Iranians' points of equilibrium. The Iranian operation in Syria is super secret. Everything is secret, encoded. They understand that they are under attack and are doing everything to conceal themselves. Still, we are managing to put together a pretty decent puzzle. These are things we couldn't have done in the past."
The flood of information demands that Y. and his people handle an enormous amount of intelligence items every day, in different countries and in different languages. "In the past, even if you'd given me another 1,000 soldiers who speak different languages, it couldn't have been done. Today, I can activate smart logics, like speech-to-text, and extract what is most valuable from the millions of items that I collect, and send just these along to my people. It's phenomenal."
Q: That's where you are? Anyone who uses translation programs knows they have a lot of failures and mistakes.
"That's exactly the difference between us and civilians … we need to know how to aim precisely with all these raw materials, and we can't make mistakes because they are a basis for decision making. There could be a specific section of one conversation out of millions that if I don't locate, will be swallowed up by the information we have here. We can't miss anything."
Q: And how do you handle the challenges from the other side, from encoding to the use of code words?
"That's the core of our challenge, and we need the best people on it. There are areas where to stay in the loop we need to be the best in the world."
Q: Such as?
"In the cyber world, for example. The world of digital technology. This is why our applications and algorithms need to be the best in the world."
'We are a national treasure'
Y. thinks that we are still in the midst of the cyber revolution, and it could go on nearly forever. Despite the huge advances, there are plenty of questions and problems that remain unsolved. During Operation Guardian of the Walls, it was important to the government to locate Hamas' Mohammed Deif and Yahya Sinwar and kill them. 8200 played a major part in that challenge, but could not make a breakthrough. "We were partners in that effort. There are intelligence questions that are really tough, and I won't say whether or not we're close."
Q: The proof is in the pudding.
"No argument. And this isn't the only example. Again, the other side is very aware of the threat."
Q: But there are places where you can't get it wrong. The Iranian nuclear program, for example. You can always take out Sinwar. With Iran, you won't get a second chance."
"I repeat what I already said: in my experience in my 24 years in this organization, given the right investment of energy and resources, there is no target that cannot be cracked. Period."
Q: Including Hezbollah's precision missile project?
"That's an excellent example of no target being uncrackable, if enough is invested. It requires constant maintenance."
Q: In the end, you're expected to provide advanced warnings. During Guardian of the Walls rockets went flying at Jerusalem, and Israel was surprised.
"Warning is our most basic mission, but apart from collecting intelligence it requires things like interpretation and decision making. As someone who has perspective on all the major operations we've waged in Gaza, we had unprecedented superiority of intelligence during Guardian of the Walls."
Q: With all that superiority, if you ask the average citizen, they'll say the results of the operation weren't impressive. Is that frustrating?
"I get up every morning to prevent unwanted wars, and make sure that if we are involved in a conflict, that the IDF can win it as quickly as possible. We do the maximum we can to achieve that end, but the world is dynamic, and there are factors such as the decision-making process here or just luck. Still, I can say that the IDF has fantastic intelligence. Most militaries in the world would die for the level and depth of knowledge the IDF has about our enemies."
Q: How often do you get a piece of intelligence or a report, clutch your head, and say, 'This can't be'?
"I'm not the right person to ask, because I really love intelligence. But it happens a lot. We get intelligence that makes you wonder, every time."
Q: If the average citizen knew what you do here, both in terms of technology and in terms of intelligence, what would he say to himself?
"He'd feel boundless pride. Really, really proud. There are young people here with fantastic responsibility and endless commitment, who are doing things that are insane. This place is a national treasure."
