Jewish Virtual Library.org
Israel Strategic Intelligence Collaboration——Evolution of Alliance
One of the most significant contributions Israel has made to U.S. security has been shared intelligence. The truth is the United States has little alternative but to depend on Israel for much of its Middle Eastern human intelligence because the CIA’s capability has diminished. In post-revolutionary Iran, the CIA no longer had a presence and the CIA’s Lebanon station was virtually wiped out in the 1983 bombing of the U.S. embassy in Beirut. The United States relies on the Mossad and other Israeli intelligence agencies for information about terrorism, radical Islamic movements, weapons proliferation and other Middle East-related events.
For many years, Israel played a key role in assisting U.S. intelligence through the capture and transfer of Soviet weapons systems. For example, Israel supplied the United States with valuable intelligence about Soviet fighters and their avionics. This occurred as recently as 1989 after a Syrian pilot defected in an advanced model of a MIG-23 and American officials were allowed to examine the plane.
A Russian passenger plane travelling from the Egyptian city of Sharm el-Sheikh to St Petersburg, Russia, crashed in the Sinai Peninsula on October 31, 2015, killing all 224 passengers. After weeks of investigations it was determined that a bomb brought down the plane. U.S. and British intelligence services used information gathered from Israeli security sources during the investigation of the crash. Communications from terror groups in the area were intercepted by Israeli security and later given to U.S. and British investigators.
Stuxnet Slows Iranian Enrichment
In 2010, Iran announced that uranium enrichment at Natanz had stopped several times because of a series of technical problems. News reports suggested that as many as 1,000 centrifuges used to enrich uranium were damaged. It was subsequently reported that the destruction was likely caused by sabotage. In June, anti-virus experts discovered a sophisticated computer worm dubbed “Stuxnet,” which spreads via Microsoft Windows and targets Siemens industrial software and equipment used by Iran to control centrifuges used to enrich uranium at its Natanz plant.
The New York Times subsequently reported that Stuxnet is part of a U.S. and Israeli intelligence operation called “Operation Olympic Games,” initiated by President George W. Bush and expanded under President Barack Obama (New York Times, June 1, 2012). At the time the worm was reportedly infecting the Iranian machines, IAEA cameras installed in Natanz recorded the sudden dismantling and removal of approximately 900–1000 centrifuges. These were quickly replaced, however, and Iran resumed uranium enrichment (Washington Post, February 16, 2011). Although Stuxnet was discovered, it is believed that the United States, Israel and others continue to use cyberwarfare in an effort to sabotage Iran’s nuclear program.
Infiltrating ISIS
U.S. diplomats reported in 2014 that Israel has been assisting in the fight against the Islamic State (ISIS) by providing the United States with intelligence information, including lists of Westerners who have joined ISIS. Israel has also provided vital intelligence in the form of drones flying over ISIS territory. This information is then used to carry out air strikes and plan coordinated attacks.
In 2017, it was disclosed that Israeli cyberoperators penetrated a cell of bombmakers in Syria. Israel passed on information indicating ISIS had learned to make explosives resembling laptop computer batteries, which can evade detection by airport X-ray machines and other screening devices. The information prompted the United States to ban large electronic devices in carry-on luggage on flights from 10 airports in eight Muslim-majority countries to the United States and Britain. President Trump is believed to have revealed the intelligence to Russian foreign minister, Sergey V. Lavrov, and the ambassador to the United States, Sergey I. Kislyak during during a meeting the Oval Office in May 2017 (David E. Sanger and Eric Schmitt, “U.S. Cyberweapons, Used Against Iran and North Korea, Are a Disappointment Against ISIS,” New York Times, (June 12, 2017).
snip
CSIS.org
Commentary
by Jessica Davis, Tricia Bacon, Emily Harding and Daniel Byman
Published October 25, 2023
Experts React: Assessing the Israeli Intelligence and Potential Policy Failure
The devastating Hamas attack surprised Israel and represented a massive failure for its intelligence services. A collection of CSIS experts examine different aspects of this failure. Jessica Davis explores the failure to detect the attack’s financing, decades after 9/11 made terrorist financing a priority. Tricia Bacon argues that the failure likely occurred because Israel failed to properly understand Hamas’s intent. Emily Harding contends that Israel may have relied too much on technology in its monitoring of Gaza. Finally, Daniel Byman assesses the overlap between intelligence and policy failures, both driving factors for the future of the conflict.
Since September 11, the international community has made financial intelligence, and counterterrorist financing, a key pillar of counterterrorism. Shortly after 9/11, President Bush announced that the United States “will continue to work with our allies to disrupt the financing of terrorism” and that it will “identify and block the sources of funding for terrorism, freeze the assets of terrorists and those who support them, deny terrorists access to the international financial system, protect legitimate charities from being abused by terrorists, and prevent the movement of terrorists’ assets through alternative financial networks.” So where was the financial intelligence warning about this attack, and how was Hamas allowed to finance this operation?
It is incredible that Hamas planned, procured, and financed the attacks of October 7, likely over the course of at least two years, without being detected by Israeli intelligence. The fact that it appears to have done so without U.S. detection is nothing short of astonishing.
The attack was complex and expensive. It is too soon to say what it might have cost—that will require a careful analysis of the various components of the attack, ranging from pre-attack training to weapons procurement (and much more). But what is known is that one of the most expensive attacks in history was September 11, 2001. Adjusted for inflation, that attack cost $850,000. These attacks involved a combination of thousands of rockets and thousands of armed Hamas fighters breaching a border fence and attacking on motorboats and paragliders. The October 7 attacks will undoubtedly cross the million-dollar mark, probably by a wide margin.
The fact that Israeli intelligence, as well as the international intelligence community (specifically the Five Eyes intelligence-sharing network), missed millions of dollars’ worth of procurement, planning, and preparation activities by a known terrorist entity is extremely troubling. And some of this financing over the years was happening in plain sight—with cryptocurrencies. While cryptocurrencies are often thought to be anonymous, in practice, the transactions are largely visible to anyone who cares to look. And while attributing those transactions to terrorist entities can be a challenge, the swift reaction by U.S. and Israeli officials in the aftermath of the attack suggests that good intelligence on who exactly was benefiting from these transactions existed.
The truth is that Hamas has not been a counterterrorism focus for many years. Some of the most recent estimates on Hamas financing are years old; many countries, including those with known Hamas finance and facilitation networks operating in their borders, such as Turkey, Algeria, and even the United Kingdom, have been silent on the issue for years. Members of the G7-founded Financial Action Task Force, the global standard-setting body for efforts to counter the financing of terrorism, are going to have to answer some hard questions about efforts (or the lack thereof) to counter Hamas’s financing. If Israel and the United States, and indeed members of Five Eyes, can miss what might be the most expensive terrorist plot in history, it will certainly raise questions about the collection, use, and utility of financial intelligence in detecting and disrupting terrorist attacks.
Assessing the threat from militant groups requires understanding both their capability and intent. Capability refers to an organization’s ability to engage in attacks and violence, while intent is its calculus about when, how, and against whom to use that capability.
For years, the U.S. intelligence community has focused on the threat from al Qaeda and the Islamic State: two groups that have the intent to strike the United States but have limited capability to do so. To counter that threat, the United States has proven adept at collecting and assessing intelligence to devise measures to degrade the capability of both groups, such as disrupting their safe havens, conducting targeted strikes, and executing special operations. The hostile intent was, correctly, taken as a given.
For intelligence officials, identifying changes in a group’s intent is particularly challenging, especially when dealing with highly capable organizations like Hamas. Accurately assessing intent requires regular access to the leaders’ deliberations. And highly capable organizations are hard to infiltrate—they are savvy in their communications to avoid interception, and they employ denial and deception tactics.
Before October 7, it was well established that Hamas was more capable than its recent operations demonstrated, but its seemingly pragmatic intent restrained the scope of its actions. It still conducted periodic attacks against Israel, but those attacks were not as frequent or lethal Hamas’s capability could have produced. Under these circumstances, the Israelis did engage in some kinetic responses against Hamas, but the two sides exercised some restraint and appeared to have developed parameters to manage the conflict and avoid escalation. Kinetic means used to diminish capability—like those the United States has used against al Qaeda and the Islamic State—can risk inadvertently provoking a greater threat by changing a group’s intent. But, as was clear on October 7, that calculus fails when a highly capable group manages to conceal a change of intent. Ultimately, though Israel will have to investigate how Hamas managed to successfully penetrate its defenses and conceal planning for the attack, the core intelligence failure was not detecting the change in Hamas’s intent.
In the Jack London short story “To Build a Fire,” the main character ignores warnings and walks into an icy wilderness on the coldest day of the year. London describes him as “quick and alert in the things of life, but only in the things, and not in the significances.” He knew it was cold and the journey was far, but he failed to grasp the threat of the cold and died as a result.
Much like the man in the story, intelligence services can collect facts, but they need more than data points to understand the significances. Israeli intelligence services are among the best in the world—clearly focused on mission, creative, and technologically advanced. Their tech has handed them some impressive intelligence wins in the past, but in October 2023 an overreliance on technology likely contributed to an intelligence failure.
In the days before the October 7 attacks, the Israeli services would have felt confident in robust technical capability. A high-tech border fence surrounding Gaza provided tactical warning, serving as both a physical and electronic barrier. A series of cell towers communicated information from motion sensors and cameras back to command posts. Those cell towers also communicated with remote control guns along the border fence meant to push back anyone approaching. The result was an illusion of control with a hidden single point of failure. Hamas capitalized, using their own tech—drones—to attack the cell towers, simultaneously blinding the cameras and neutering the guns.
The Israeli services also would have been confident in their signals intelligence (SIGINT) collection. An attack this large took months of planning and coordination. Israel, leaning on its technological prowess, would have assumed a large attack would show up somewhere in technical surveillance: chatter over cell phones, emails over vulnerable lines, or someone who forgot to leave a cell phone outside a room when planning was discussed. But it seems a combination of strong Hamas defensive tradecraft and missed signs in collection meant a failure to warn.
Technical surveillance can give you information on the things in life, but rarely their significances. That’s where human intelligence (HUMINT) shines. A well-placed human source can provide facts, like who was in what room on what day, but can also interpret the significance. A human source flagging an “unusual” level of activity, or the appearance of a stranger speaking Farsi, or a delivery of a crate of Iranian drones could have been the difference between a tragedy and day without headlines.
An eventual Israeli intelligence review will reveal the collection posture for human sources. Gaza is a difficult operating environment—recruiting sources is hard and keeping them harder. In the final accounting, Israel will need to carefully evaluate whether an overreliance on tech and an under-reliance on humans was a central cause of the tragedy.
Intelligence agencies are convenient scapegoats: they are meant to be apolitical, and intelligence at its best is far from perfect. But their failures should not excuse the policy decisions that shaped intelligence priorities and capabilities and the very nature of the threat.
Intelligence and policy are interwoven: policymakers determine what a state’s priorities are and the resources given to intelligence agencies, among many other roles. Intelligence agencies, however, often struggle to convince policymakers of a threat. Richard Betts, a senior scholar of intelligence, warns that many supposed intelligence failures stem from policymaker disbelief. Other intelligence failures are borne from inappropriate prioritization by policymakers. Before 9/11, for example, the policy community did not sufficiently resource counterterrorism intelligence, lacked in homeland security, and had a Middle East policy that did not prioritize counterterrorism.
Reports of what Israeli military intelligence and Shin Bet, Israel’s domestic intelligence agency, which has responsibility for Gaza, told Prime Minister Benjamin Netanyahu and his senior advisors about Hamas’s intentions and capabilities, are still unfolding—yet these agencies are already taking responsibility for a massive failure. However, Israeli policymakers probably also bear considerable responsibility. They prioritized Iran and the growing violence in the West Bank, as well as the turmoil in Israel itself. Some of the Israeli policy response might have stemmed from a careful consideration of intelligence analysis, but it also could be due to Israeli leaders’ own sense of Israel’s interests, their belief that the Hamas challenge was effectively managed, and their political priorities, such as appeasing the settler community that is expanding its presence on the West Bank.
Perhaps most important, political leaders also have a hand in shaping the threat itself. Israel’s policies toward the Palestinians, and toward Gaza in general, affect both Hamas’s intent and capability as well the attitudes of ordinary Palestinians. Determining why Hamas acted when it did requires assessing how the Netanyahu government’s policies shaped the terrorist group—an assessment of one’s own government that is politically fraught for any intelligence agency.
Commentary is produced by the Center for Strategic and International Studies (CSIS), a private, tax-exempt institution focusing on international public policy issues. Its research is nonpartisan and nonproprietary. CSIS does not take specific policy positions. Accordingly, all views, positions, and conclusions expressed in this publication should be understood to be solely those of the author(s).
© 2023 by the Center for Strategic and International Studies. All rights reserved.