HSNW - 5 June 2012

Unit 8200 is Israel’s equivalent of the U.S. National Security Agency (NSA) or GCHQ in Britain; what sets the unit apart from its SIGINT counterparts in the United States and Europe is that it does almost all its research and development in-house; this means that, aside from interpreters and analysts, the unit is home to a huge cadre of engineers, technicians, and programmers; one result is that veterans of Unit 8200 have founded many of Israel’s successful high-tech start-ups

The waves of cyber attacks on Iran’s nuclear facilities and critical infrastructure – the attacks we know of: Stuxnet, Duqu, Flame – have drawn attention to the secretive Unit 8200, the cyberwarfare unit within the Israel Defense Force (IDF) Military Intelligence (MI) branch (these cyberattacks have also drawn attention to the U.S. efforts in this regard: see David Sanger, “Obama Order Sped Up Wave of Cyberattacks Against Iran,” New York Times, 1 June 2012). The Financial Times notes that Unit 8200 is Israel’s equivalent of the U.S. National Security Agency (NSA) or GCHQ in Britain. These three organizations belong to a branch of the military called signals intelligence, or SIGINT. Unit 8200’s task is to intercept, monitor, and analyze enemy communications and data traffic — from mobile phone chatter and e-mails to flight paths and electronic signals. The unit’s goal is to “fish out from an ocean of data the piece of information that will help the Israeli security forces identify and thwart a potential attack,” the FT writes.

Full story

‘Groundbreaking’ worm points to a state-backed effort, say experts

Gregg Keizer - September 16, 2010

The Stuxnet worm is a “groundbreaking” piece of malware so devious in its use of unpatched vulnerabilities, so sophisticated in its multi-pronged approach, that the security researchers who tore it apart believe it may be the work of state-backed professionals.

“It’s amazing, really, the resources that went into this worm,” said Liam O Murchu, manager of operations with Symantec’s security response team.

“I’d call it groundbreaking,” said Roel Schouwenberg, a senior antivirus researcher at Kaspersky Lab. By comparison, other notable attacks, like the one dubbed “Aurora” that hacked Google’s network, and those of dozens of other major companies, was child’s play.

O Murchu and Schouwenberg should know: They work for the two security companies that discovered Stuxnet exploited not just one zero-day Windows bug, but four, an unprecedented number for a single piece of malware.

Full story

—–

See also: “Stuxnet code hints at possible Israeli origin, researchers say“