This is downright shocking, if true. “Hezbollah guerrillas were able to hack into Israeli radio communications during last month’s battles in south Lebanon, an intelligence breakthrough that helped them thwart Israeli tank assaults,” Newsday reports.
Using technology most likely supplied by Iran, special Hezbollah teams monitored the constantly changing radio frequencies of Israeli troops on the ground. That gave guerrillas a picture of Israeli movements, casualty reports and supply routes. It also allowed Hezbollah anti-tank units to more effectively target advancing Israeli armor, according to the officials…The Israeli military refused to comment on whether its radio communications were compromised, citing security concerns. But a former Israeli general, who spoke on the condition of anonymity, said Hezbollah’s ability to secretly hack into military transmissions had “disastrous” consequences for the Israeli offensive…
Like most modern militaries, Israeli forces use a practice known as “frequency-hopping” – rapidly switching among dozens of frequencies per second – to prevent radio messages from being jammed or intercepted. It also uses encryption devices to make it difficult for enemy forces to decipher transmissions even if they are intercepted. The Israelis mostly rely on a U.S.-designed communication system called the Single Channel Ground and Airborne Radio System…
With frequency-hopping and encryption, most radio communications become very difficult to hack. But troops in the battlefield sometimes make mistakes in following secure radio procedures and can give an enemy a way to break into the frequency-hopping patterns. That might have happened during some battles between Israel and Hezbollah, according to the Lebanese official. Hezbollah teams likely also had sophisticated reconnaissance devices that could intercept radio signals even while they were frequency-hopping.
During one raid in southern Lebanon, Israeli special forces said they found a Hezbollah office equipped with jamming and eavesdropping devices.
It was my impression that this kind of signal interception was really, really hard to do — especially for an irregular force like Hezbollah. I know there are some radio and commsec gurus who read the site regularly. Weigh in here, guys.
Or maybe the article itself contains the seed of what actually happened. “Besides radio transmissions, the official said Hezbollah also monitored cell phone calls among Israeli troops,” Newsday notes. A raided Hezbollah base had list of “cell phone numbers for Israeli commanders.”
Cells are, of course, way easier to intercept. “Israeli forces were under strict orders not to divulge sensitive information over the phone.” But maybe they talked anyway. Maybe they thought Hezbollah would never be sophisticated enough to grab their calls.
UPDATE 3:25 PM: Weeks ago, the Times of London and Asia Times had hints of this.
Apparently using techniques learnt from their paymasters in Iran, they were even able to crack the codes and follow the fast-changing frequencies of Israeli radio communications, intercepting reports of the casualties they had inflicted again and again. This enabled them to dominate the media war by announcing Israeli fatalities first.
“They monitored our secure radio communications in the most professional way,” one Israeli officer admitted. “When we lose a man, the fighting unit immediately gives the location and the number back to headquarters. What Hezbollah did was to monitor our radio and immediately send it to their Al-Manar TV, which broadcast it almost live, long before the official Israeli radio.”
(Big ups: JQP, /.)
I used to work on Havequick.There are some steps you have to perform before encryption is enalbled on these systems.I doubt very much that any codes were broken.Probably more like transmissions were sent in the clear.
Interception of those communications is unsurprising and unremarkable in terms of Hezbullah’s success against the IDF. You don’t need sophisticated technology to pull off repelling IDF forces. In fact, Hezbullah achieved great success in its defense by using non-tech weaponry against the IDP and respondeing to the high tech US made bombs, drones, and artillery, ect incredibly well using in essence WWII technology to out smart them. IDF as a ground force has shown to be inept for the most part except against poorly armed Palestinians in Gaza. The collateral damage was essentially the Lebonan and its civilian population. It makes you wonder if the Israelis bombed the airport, ports, oil tanks (with a spill greater than the Valdez polluting the beaches),resorts and infrastructure simply because they were jealous of Lebanon’s success in tourism promoting the country as the Switzerland of the middle east. This attack has made the Isreali’s look horrible in the eyes of the world as well as the US for supplying the hardware and staying silent. Sadly, it has allied the Christian factions in Beirut, and the Lebonese army with Hezbollah greater than ever imagined as they work hand in hand rebuilding. This was a great loss for the Israelis and its military. The Isreali civilians also shared in the horror of this event. The US media has failed to even present these facts. One can only hope for the best both for Lebonan and Israel.
With soo many intel leaks in the intelligence and privatized sector of equipment manufacturers, no wonder there’s no longer any true OPSEC, and we deal with baffling blows from any enemy threats. Thanks a billion guys and gals.
Generally the primary problem is poor training, and poor application of security during communication
I.E. “…I need to talk with Col Smith” or
“..I need to talk to your 6″
Instead of kfj37x this is kjf22l
Or Playing CBer. I’m over by that church near the trees
as opposed “675 256″ ( which would be coordinates offset from todays grid of choice.
SINGARS is pretty solid, encryption is pretty solid.
SINGARS + Encryption + Security Protocol is darned hard to beat.
edw
Army Vet
You don’t need to be a sophisticated fighting force to oppose your enemy. Merely organised and determined, both of which Hezbollah are. The fact that this reported interception of communications comes as a shock to most is a little concerning and somewhat arrogant. The rules or engagement are ineffectual in real combat and are merely placation to a world which can access the battlefront from the comfort of their living rooms. The justifications for actions taken, and ordered in the heat of battle are now accountable to the entire world. However to expect your enemy to fight on the same moral ground we may fight on is incredibly naive, look at Somalia and Liberia. You have to completely understand your enemy and what motivates them to fight. An area we are still trying to conquer in Iraq. Hezbollah are portrayed as terrorists through the Western world, at home they are heroes and become more so with every shell that is rained down into Lebanon. This discussion is a moral and intellectual victory for them in that the ‘great opposing war machine’ can be beaten. It fuels their fire and should be another warning sign to us all. We, the US and it’s Western allies, are becoming too heavily reliant on technology in the battlefield, so much so that the core fundamentals of developing a well trained, efficient and effective, on the gound fighting force backed with local and cultural intelligence is being neglected. The blog quoting WWII techniques is as accurate as it gets. Hezbollah are identifying weaknesses within the IDF and it’s infrastructure and are quite justifiably taking advantage of it, alarmingly and possibly with off the shelf electronics. No need for billion dollar lazer guided expenditure here!
This could have happened and if so Israel should change the codes and use techniques similar to the Navajo Code Talkers of WWII. The terrorist would be unable to break that type of code regardless of what Iran has. Iran can’t break it either. Being part Native American and very familar with the Code Talkers history, I can say that it is truly unbreakable unless it is by a member of the tribe that is using the language. I dispise Islam and Hezbollah and love the Israeis.
I trained Soldiers and Marines on the every facet of the SINCGARS system for 6.5 years, from Korea to California. I guarantee it was a lack procedure. You do the math, minus the freq hopping element, if this radio system is properly deployed, it provides 128 bit encryption! No matter how powerful your computer(s), you do NOT break that on the fly.
RIC REED is completly wrong:
1) “Hezbullah achieved great success”: at least 600 Hezbonuts terrorists were killed by the IDF (a ratio over 5 for 1).
2) “IDF as a ground force has shown to be inept for the most part except against poorly armed Palestinians in Gaza”: that’s just bad propaganda. IDF soldiers acted courageously and effectively on the ground in Lebanon each time their orders weren’t illogically modified or called back by Israel’s inept political leaders (Olmert and Peretz).
3) “It makes you wonder if the Israelis bombed the airport, ports, oil tanks, resorts and infrastructure simply because they were jealous of Lebanon’s success in tourism promoting the country as the Switzerland of the middle east”: that’s quite ridiculous a claim: Israel is a far more developped country than Third World Lebanon. In fact, Israel surpasses even the US in the number of engineers and scientists and patents-per-year, compared with the population… There is simply no field in which an Arab country is superior, or even equal, to Israel.
4) “This attack has made the Israelis look horrible in the eyes of the world as well as the US”: only in the eyes of the antisemites of the world… and in the eyes of the anti-american racists of the world…
If is is true that Israeli SINCGARS transmissions were hacked it should not surprise anyone. Frequency hopping for military radios offer nothing for voice or data encryption: it is a signal evasion technology to inhibit the enemy from using direction finding to locate signal sources locations and movement. Only good equipment, codes and procedures can properly secure information sent and received over these systems. For those who think the synchronization rate of SINCGARS is too fast to monitor, you should consider two facts: (1) The processors used in these radios were introduced in the 1980s and have much slower computation rates than the CPU in your kid’s Nintendo and (2) signal analysis doesn’t need to be spontaneous to be dangerous because these signals can be intercepted, assembled and then recompiled into its near-original form somewhere other than a bombed-out Beirut basement. This brings up the always present possibility that surrogate enemies like Hezbollah collect locally and through the Internet process remotely in Tehran, Beijing, Pyongyang or anywhere by techno-mercenaries in the international arms bazaar of military global outsourcing. Is it happening to us?
I think the word “shocking” is way overworked…Israel, of any countries, should have anticipated SIGINT efforts to see into their command and control structure and planned for same.
After all, they did’t attack the U.S.S. Liberty because they thought that ship was selling ice cream out there…
I believe the war in Lebanon was disastrous to the image of Israeli Defence Forces, and supposedly its deterrence. At one time, everyone thought they were invincible, however this latest battle was the biggest flaw in the history of the State of Israel. It showed that a small well trained and equipped guerilla force could defeat a modern army. And what’s even worse now is that Hezb set a role model for every thug to stand up and fight. Add bad to worse, even in technological warfare Hezb marked a victory!!!! Thumbs up.
I predict rocky times ahead for the tiny state of Israel who has no strategic depth. Every Hassan and Ahmed will try to match Hezb now and accomplish an achievement.
I don`t think that it happend during battle incident. Imo it was rather effect of long term recconesaince and monitoring, proffesionally-supported process.
Anyone who thinks that SINCGARS can not be tracked is fooling whoever they are talking to. I worked on a system fifteen years ago that could not only track a SINCGARS, I could pick you out of a crowd and tell where you were. I have been out of the business for a while, but can imagine that a lot of people could do it now. Without your COMSEC encryption you are VERY vunerable to interception. It is EASY!!! Unless things have changed, getting tankers to use their radio properly is a problem. Wouldn’t be a bit suprised they were in single channel clear.
Pssiitttttttt —– you missed something, what Hez boys were doing were listening to cell phones ———————-
i am from Iran and i am a network security expert. this is like a joke that IRAN and Hezbollah have such ability. These hacking techniques require advance knowledge and experts. as i know in my country what is not important , is knowledge !! so who want to hack these complicated systems ? The Hezbollah (who r unfamiliar with basic warfare) or REVELOTIPN BRIGARDS (same as Hezbollah) i recommend u to allow military intelligence search for something else like military personal abuse or spying.
Point 1.
They rabs have been able to jack into communications for at least the last several years since I served. One doesn;t have to be a genius, especially when it comes to mobiles.
Point 2.
As for it being sa victory against Israel, what a crock of your mothers crappy hummus. For reasons beyong understanding, Israel pulled back when we should have gone on and cleared the waste that is Lebanon. Unfortunately, injuries were suffered because unlike those sheep-dipping bloodthirdty murderers, Israel does care about the life of innocents, even if it adds to the fatalities of its own soldiers. As an ex-IDF sniper, I can verify many times I wasn’t allowed to complete a job because of information that could not be 100% verified. If Israel said screw them all, it wouldn’t have taken much to clear the whole bloody lot of them. Case closed!!
SAVILLE is a relative biatch to encode and decode, unless you’re vonNeumann’s reincarnation you’re not likely to be decrypting it in any useful period of time.
The most straightforward way to intercept a SINCGARS net would be to have someone give you the keys.
In terms of frequency hops, SINCGARS’ direct chip LFSR algorithm has a long dwell time (comparatively) and very well defined bins. You could use a multi-blade SDR setup to first bin out the entire SINCGARS hop spectrum, if you got somewhat close to an operating system.
The hopset for a SINCGARS net is variable but usually not that many slots, less than 2000 bins and usually more like 1000. Once you have the hopset elucidated, you can narrow your SDR’s attention to the 1000 or so bins that the net is operating in, a small enough subset that your SDR could easily munch it in real time.
You could use that data to easily triangulate on units close by. Given idiosyncrasies in each unit’s center frequency, chip timing and amplitude, you can eventually identify and separate out transmissions from units at a distance.
Decoding would be a lot tougher. But if you had the keys at one location and no way to easily distribute them to the other “freedom fighters”, I would assume one might be able to fake being a net controller and send well-known keys to the net with ERFs, everyone would think they were properly set up to transmit with code keys but would be using ‘blanks’.
Short of that, there are some other ways to attack encrypted transmissions that don’t involve directly decrypting the traffic’s data stream by carefully examining some aspects of the signal characteristics once you have the hopset. Some sets will “give away” more of this info than others, it would be a crapshoot if you could locate a SINCGARS unit doing it that was also sending really useful comm traffic. Maybe that’s why HB couldn’t do it daily.
At any rate, a special purpose SDR receiver with some computational horsepower and a competent operator is needed, most likely HB is getting help from a technically advanced country, it’s not the sort of thing you toss together over the weekend.
It is going to be a important concern about listing to IDF radio transmission in the upcomeing months. With the bad guys not disarming,which was part of the broker agreeement. The IDF is going to have to develope better radio security. When the IDF goes back to the fight in a matter of months, I hope they have a better ground plan for fighting the bad guys.
It is kinda funny most of you jokers act like these arabs are backward and you pysdo tough guy have no respect for our current foes in the middle east, I am a signal officer and when I attended college most of the EE, and mathmatic majors were either arab or persian. Freq are based on wavelengths hmmmmm….maybe the are smat enough to figure this out…and maybe we are to dumb to see it. In a nutshell never underestimate you enemy.
Interesting debate. Most telling is that you never underestimate your enemy, technology is not fool proof, and the good guy doesn’t always win.
To erewhon & his ilk; There is an old saw about engineers: “Never use a straight line where a recurve is possible, the shortest distance between any two points is never a straight line, & never, EVER, use clarity when obfuscation will suffice”. I don’t know who the original author was, but he sure nailed it when one reads comments like the ones erewhon (amoungst others) wrote. Why is it so hard for engineers to stop & think before they open their mouths to massage their own ego’s with supposed insider info? These guys make me crazy!! Hey moron – anyone with a high end scanner, a decent laptop & 10 cents worth of brains can figure out the 5 or 6 percent of transmitted info necessary to sus out common repeated intel. The more you engineers complicate things, the easier they are to break. Evidently, this is a lesson which will never find acceptance in the engineering community.
It can be a tricky thing to keep track of who got what weapon, not to mention when and how they are used, when the technology and intelligence of weapons is just like any other commodity-regulated by availability and demand.
National borders and national loyalty is only true in the vocabulary of those at the state vs state level. Below relations-whether in information, personal connections, monetary transactions, resources etc – are flowing with little regard to artificial lines.
djb:
Do you seriously think a Radio Shack scanner is going to be able to follow a direct-chip sequence spread spectrum network? Even one as slow as SINCGARS?
Get a grip, dude. It’s only been in the last couple of years that software defined radio systems have been able to pull it off.
You can’t spot traffic patterns until you can catch the traffic. You…DO…know that you can’t just turn on a shortwave and actually HEAR anything on a spread-spectrum net like SINCGARS?
Back under your rock, troll boy. Come back when you can describe an FFT kernel without a cut-and-paste off Wikipedia.
One more time:
Where did it say specifically that the HZ decoded frequency hopping signals. The use of the expression “hack into” sounds to me like the author of the original article did not really understand the total situation. As usual, we American high tech guys jumped in and said it cannot be done. There were indications that the HZ did monitor some RDF cell phones and probable some signal channel comms that may or may not have been encrypted. Bottom line, everyone should have learned something about OPSEC planning and tactical communications in the field.
Begruss:
Both the London Times and Newsday articles seemed pretty explicit that they had compromised either SINCGARS or other unnamed Israeli comms that used frequency hopping. Grant you, as you say the authors may have misunderstood, but it was explicitly stated that HB had gotten their intel from encrypted or frequency hopping comms.
If they were using digital cell phones, the data is encrypted there as well but you can snag the key if you catch a call during setup. Or you can do it pretty easily at the cell tower, if you get access to the equipment. You can’t trust cell phones in enemy territory.
Just a thought, What has been Syria’s fee for torturing suspected Al Quaeda members. Access to possible signal hopping frequences related to our old, outdated battlecom system??
Been a ham and inventor in more then one way for over 50 years. I beleive I have a way to catch whomever/whereever at anytime. I need a contact with the proper agent and or person. Can be done with what we already have availible to us.
The real compromise in this scenario involves the person writing the story. It’s the field journalist with satellite links and video phones giving away information that is compromising. Who needs to intercept encrypted radio transmissions when you can just turn on the television. This story is full of deceit and smoking mirrors … the PMC’s might use this technique in the field, using journalists that are operationally friendly, if you know what I mean.
Ps, It’s not possible to intercept and decrypt Israeli Military Radio Communications within a reasonable parameter for effective utilization. So, for the the people here declaring it can be done … quit smoking crack and get back to reality.
“Ps, It’s not possible to intercept and decrypt Israeli Military Radio Communications within a reasonable parameter for effective utilization. So, for the the people here declaring it can be done … quit smoking crack and get back to reality”
Once upon a time there was a person of Arabic descent. He thought he had a secure line of communication. He spoke of many interesting things upon his encrypted radio link.
The encryption was indeed formidable. Not decodable in universe time…one of those combinatorial explosions you get with prime factors.
Yet, the intrepid crew got the audio anyway.
And they didn’t decrypt the data flow.
How do you get down off an elephant? You don’t. You get down off a duck.
How do you decrypt spectacularly good encryption?
You don’t.
In this case, the audio amps were drawing a variable amount of current when our Islamic friend spoke on the invulnerable encryption. That caused a tiny frequency deviation in the FM modulator, and a tiny AM modulation of the signal amplitude. And when you used a mathematic transform on the two that amplifies similarities between the two effects and removes the other noise, voila! there was the voice data.
The moral of the story is, you don’t always have to decrypt the unbreakable encryption to retrieve the data.
Sometimes, the obvious is overlooked. It is not impossible that the Hezbollah had the use of the fruits of Iranian or Syrian espionage. Since the system is a US one, it is possible it was compromised in the US. Remember what the traitor Walker did to the US Navy?
Having worked for the maker of SINCGARS, I am not aware of any sale of the system to the IDF. Israel has it’s own comms company and they prefer to use it instead of a foreign system. The IDF radios although Freq Hopping are not based on the SINCGARS model in anyway.
I have 4 .jpg images of the equipment the IDF SoF recovered as refereced in the article.
All I can say is that your eyes will pop like mine did.
Do you guys remember a guy named John Walker a US Navy RMC who stole our Jason and Creon codes for the Russians? All during Nam the Soviets supplied codes and then radio equip cloned from the hijacked USS Pueblo. They read our mail every day for years while we sweated our secure procedures. Even channel hopping can be tapped into with the right computer chip.
Rule # 1, regardless of your communication and transmission security, even the most advanced, always assume that all your communications have been intercepted by the enemy and that it will be used against you. Hence, only a fool would believe that his communication system cannot be intercept, decode and use against you