COLD OPEN
The following presentation is not suitable for young children. Listener discretion is advised.
The centrifuges were failing.
It was the summer of 2009, and Iranian nuclear scientists and technicians were baffled. Hundreds of uranium-enrichment centrifuges at the Natanz nuclear fuel plant were suddenly stopping without warning or explanation.
Technicians replaced the broken centrifuges as quickly as they could, but it wasn’t enough. They were failing at such a fast rate that the entire facility’s enriching capability was hobbled.
And if the facility at Natanz wasn’t working as it should, then the entire Iranian nuclear program would be hamstrung. Their decades-long hopes to develop nuclear weapons would be crippled.
And in late June, 2009 at the Natanz facility, there was an incident.
A Wikileaks report in July called it a “serious nuclear accident.” The incident was apparently so serious that Julian Assange broke his own protocol to report it. Later, another report said it was related to the blackout of centrifuges.
But the truth has never come out. It’s unclear exactly what happened, or how serious it was. The Iranian government has kept it secret, and never elaborated on the specific events. But it was serious enough that it warranted the immediate and mysterious resignation of the head of Iran’s Atomic Energy Organization.
Days after the accident, the controversial Iranian presidential election threw the country into political turmoil. In the streets of Tehran, 200 miles south of Natanz, protestors clashed with the police to express their dismay with the government.
The country was hanging by a thread. The technicians inside the nuclear enrichment plant raced to figure out the problem with their centrifuges. It was a race against time — every single day, dozens more failed and the entire Iranian nuclear program took a step backwards.
It wasn’t a technical issue with their installation, and it wasn’t caused by the facility’s protocols or operations. It was a computer bug, a strange and devastating digital virus that was causing their analog components to stop running.
The bug would eventually pick up the name Stuxnet. And it wasn’t a mistake, an error in the code, or a virus created by a rogue group of hackers.
It was a targeted attack, a carefully designed cyberweapon.
The authors of the bug were the most skilled, experienced, and secretive cyber soldiers the world had ever seen. They were so good at what they did that the world barely knew they existed before the Iranian attack.
They’re called Unit 8200. They’re the largest and most elite branch of the Israeli military.
Stuxnet was just the beginning — an opening salvo in the cyberwars to come.
And Unit 8200 is just getting started.
On this episode, we have nuclear tension, cyber warfare, and international espionage. I’m Keith Korneluk and this is Modem Mischief. This is the story of Unit 8200. The Isralei cyberwarfare division.
INTRODUCTION
You're listening to Modem Mischief. In this series we explore the darkest reaches of the internet. We'll take you into the minds of the world's most notorious hackers and the lives affected by them. We'll also show you places you won't find on Google and what goes on down there.
Act I
On a hot summer afternoon in the southern Israeli town of Beer Sheva, a group of teenagers eagerly prepared to present their final projects. Students stood at tables running up and down a large open room, telling their friends and family about their hard work.
Some were success stories, gleefully bragging about their program, bot, or custom-made piece of hardware. Others ambivalently presented their failures, like a team of students who tried to construct their own cell phone from scratch but couldn’t quite pull it off.
From an outsider perspective, it looked exactly like a normal high school science fair. The only thing that would look different was that half of the observers strolling the halls of the fair were uniformed military personnel.
Because this wasn’t a high school science fair. This was a graduation ceremony for a program designed to find and cultivate the finest young minds in Israel and prepare them for the military.
The program is called Magshimim, and it’s an after-school computer skills academy focused on finding gifted students in the periphery of the country — outside of the highly-populated and wealthy cities like Tel Aviv. It also aims to find talent from underrepresented demographics in technology, particularly young women.
Getting accepted into Magshimim is a feat in and of itself. Teenaged applicants go through an elaborate series of tests and interviews, and only thirty percent are accepted into the program. The program’s focus is on finding candidates with the right work ethic and dedication, rather than technical skills.
Once in the program, Magshimim teaches them the skills they need through three-hour training sessions held twice a week for three years. It’s so in-depth that students essentially earn a college degree in computer science — while attending high school full time. It’s not for the faint of heart.
So on that sunny day in Beer Sheev, the high school seniors and Magshimim graduates were proud to officially graduate. They’d made it through a famously-intense program and were ready to show off their final projects.
Of course, these were not your average computer science projects: they didn’t design apps or games. They designed advanced tools of war.
(Music sting)
One graduate presented a USB key that can quickly and automatically hack information out of one computer and send it to another: an entire spy network inside of a small piece of hardware. A classmate created a remote-teaching tool that would allow educators to continue reaching students even if interrupted by war. Another team of students built a robot that can map the space it occupies in real-time using ultrasonic sensors.
Magshimim isn’t just a tech academy. It was co-founded by the Israeli government and acts as a feeder school for the military, finding and training the soldiers who will be ready to fight the battles of the future.
(Music transition)
(SFX: Bombs landing)
Since its founding in 1948, the state of Israel has been in a nearly-constant state of war. The United Nations vote partitioning the land between Jewish and Arab populations led to immediate violence between the two populations. Four neighboring countries — Egypt, Transjordan, Iraq, and Syria — invaded the area in support of the Palestinian state.
At first, the Arab forces made significant headway and declared that they would destroy the partition and the Jewish state with it. But the tide of the war changed over the next few months, and the Israeli army — with better arms supplied by western powers and with greater and more organized numbers — managed to take command of the region and prevent a collapse of their new country.
But even though they had won the war, the battle for survival was far from over. Threats from surrounding countries wouldn’t cease. Israel needed to be ready for the wars to come. The most important thing they needed were soldiers — as many as they could.
So on September 8th, 1949, the Israeli legislative body, the Knesset, passed a law making military service mandatory for both men and women over the age of 18.
But the Israeli government also knew that because of their limited population and very small amount of territory, they couldn’t rely on the size of the army, natural defenses, or brute force. They would need to stay on the cutting edge of espionage and intelligence gathering in order to keep one step ahead of their enemy.
(Beat)
In October of 1952, Private Arieh Surkis was assigned to the 2nd Intelligence Service Unit of the Israeli army as a laboratory technician. The unit, based in the ancient coastal city of Jaffa, was small and underfunded and relied solely on surplus American equipment.
Within the next few months, Surkis helped transform the unit from the ramshackle group into a formidable technological arm of the Israeli military. As it morphed and expanded, its responsibilities grew. In late 1952, Surkis and his unit were given the order to place a communications and observation post on every hill in the entire country of Israel.
Those first officers inside the intelligence unit were driven by a simple ethos that they applied to every single project and operation: “if this isn’t ready on time, all will be lost.”
As its duty and importance changed, Surkis’s name changed as well. After being known as the 2nd Intelligence Unit, its number changed to the 515th. According to Surkis, the number was a wry reference to the supposed ethnic makeup of the unit: 500 Iraqi-Israelis, and 15 Ashkenazi, or Eastern European Israelis.
Eventually, they were given the catchy name of Unit 8200. In 1952, it moved from Jaffa to a quiet area north of Tel Aviv known as the Glilot Junction. There, the group would have room to expand — and remain secret. It’s remained there ever since.
In the sixty-nine years since its founding, Unit 8200 has become the largest and potentially the most essential branch of the Israeli military. The officers working inside its high-security halls have come a long way from the days of relying on surplus equipment.
Today, Unit 8200 employs at least five thousand soldiers. It is led by a Brigadier-General whose identity is classified. According to some reporting, the unit alone is responsible for providing over half of the information produced by the Israeli Intelligence Community.
(Beat/Music Transition)
Like many other branches of the military, Unit 8200 has a high rate of churn as officers leave the military for the private sector. The average member of Unit 8200 spends four years inside its operations. Because of that, finding and recruiting new talent is a constant priority.
But unlike tech companies, Unit 8200 can’t just post a job opening online. In keeping with their clandestine and elite reputation, their recruitment process is cryptic, extensive, and highly selective.
(Music Transition)
In modern Israel, everything about life as a teenager is ultimately geared towards one destination: the military. After high school graduation, each man is required to serve for two and a half years, and each woman soldier two years.
During their high school years, Israeli teenagers jockey for position, exploring interests that could help them maximize their military service — and end up somewhere like Unit 8200.
At one prominent high school in Tel Aviv, a team of 11th graders entered a computer programming competition. It was essentially a hacking contest, where different classes from schools around the country would compete to build the best automated program to attack each other’s servers and defend their own.
It was a miniature war game between teenagers, fought over a digital battlefield — and with real soldiers watching them, like NFL scouts at a high school game but with far higher global stakes.
This 11th grade class knew they were underdogs. All of the other teams competing were made up of 12th graders. But the younger team was confident in their programming and hacking skills, honed in after-school computer classes. They believed they could win.
And that’s exactly what they did. Not only did they beat the other teams in their school, then went on to defeat the winners from each other school.
The automated program they built was so good, it even defeated one built by a real military hacker who helped run the contest.
It was a moment of triumph for the 11th grade computer engineers. It was also their entry into a much larger and more dangerous world. Because the contest wasn’t just a friendly competition. It was a recruiting tool, a test to see which Israeli teenagers had a future in cyberespionage.
Now, they were on a fast track to join the most elite, important, and clandestine unit of the Israeli military: the infamous Unit 8200.
(Beat)
(SFX: Keyboards clacking)
The recruiting process for Unit 8200 is far more complex and detailed than any other branch of the Israeli military, and for good reason. It’s practically an entire agency unto itself. It rivals the actions and scale of the National Security Agency in the US.
The Unit also runs two separate after-school computer programming and hacking academies for teenagers. Each offer 3-year programs that act as the minor leagues for recruitment into 8200.
Once they’ve been drafted into the military, teenagers handpicked by Unit 8200 as potential candidates are pulled aside from the rest of the class. They represent the top 1% of the top 1%, the creme de la creme.
And they weren’t allowed to tell anyone where they went. While other teenagers their age were sent into basic training and eventually funneled into more conventional areas of the military, the conscripts flagged for Unit 8200 are treated entirely differently.
Recruits to Unit 8200 are thrown into a rigorous training and examination process that can last for up to six months. They’re given crash courses in computer programming, communications, and even learn to speak Arabic.
Many of these recruits don’t even know exactly what they’re being recruited for. But they know that the military has chosen them for something vitally important to the security of their country.
When the boot camp is done, current Unit 8200 officers perform final interviews with the recruits, essentially choosing their own replacements. They evaluate current skill as well as temperament. Not everyone is fit to be a Unit 8200 officer, regardless of how good they are with a mouse and keyboard. It’s more important to be flexible, adaptable, and motivated to do whatever is necessary to get the job done.
But it’s equally important for a member of Unit 8200 to be able to handle stress, and remain level headed in the most high-intensity situations. They can’t afford to have anyone fail to pull their own weight, or crack under the enormous importance of the job they’ve been tasked to do.
Because the security of their nation — and potentially the entire world — is at stake every minute of every day.
No pressure.
Act II
In the first week of October, 1985, the cruise ship Achille Lauro embarked from Genoa, Italy, on a cruise of the eastern Mediterranean. Over the course of eleven days at sea, the passengers of the ship, each of whom shelled out upwards of $1,000 dollars for a cabin, would visit such destinations in southern Italy, Egypt, Cyprus, Greece, and Israel.
Along the way, they’d have a chance to avail themselves of the cruise liner’s luxuries, which included two swimming pools, a movie theater, and even a discotheque.
But on the fourth day of the cruise, it all went to hell.
That morning, the ship embarked from Alexandria, Egypt and headed for Ashdod, Israel — with four imposters onboard.
They were disguised as Latin American tourists -- but in reality, they were militants from the Palestinian Liberation Front, the terrorist wing of the Palestinian Liberation Organization led by Yasser Arafat.
As soon as the ship reached Israel, they had plans to launch a violent attack when the ship reached Israel.
Their guns had been stored in a car’s gas tank — giving off a suspicious stench that the crew members had noticed. Worried they might be discovered, the militants took out the weapons, huddled in their stateroom and tried to dry them off with a hair dryer.
In the middle of their operation, the door to their cabin suddenly swung open. A cabin steward strolled inside, carrying a tray of complimentary fruit for his guests.
When he saw what was happening, he presumably regretted not knocking first.
The Palestinians panicked. They loaded their weapons and took the steward hostage. Now, there was no chance to get all the way to Israel quietly and without incident. So they chose to hijack the entire ship instead.
(SFX: Machine gun firing)
They rushed into the ship’s dining room, firing their weapons wildly and terrifying the other passengers. When some of them tried to run, the militants chased them down and beat them into submission. One fleeing passenger was grabbed and thrown down a flight of stairs.
The cruise ship had no security. When the smoke cleared, the four armed hijackers had over 100 hostages, full control of the ship, and no idea what to do with it.
Their first demand was for the ship to head for port in Syria. After the captain followed their orders and set a course, the hijackers made contact with Israeli authorities. The militants demanded that the Israeli government release fifty Palestinian prisoners in exchange for the safe return of the cruise ship.
Israel did not negotiate. They didn’t know enough about the situation to decide what to do. The lives of every single passenger on the cruise ship was at stake, as well as Israel's complicated and fragile relationship with Yasser Arafat, the head of the PLO.
The Israeli government couldn’t afford to make any kind of miscalculation. They needed as much information as they could get, as quickly as they could get it.
It was time for Unit 8200 to get involved.
Yasser Arafat publicly denied all involvement in the hijacking, but Unit 8200 was rightfully suspicious. They intercepted his phone conversations and uncovered proof that he was in contact with the hijackers on the boat, and may have even been involved in planning the operation.
On the second day of the hostage situation, the hijackers murdered one of their hostages, a 69-year-old wheelchair-bound Jewish American.
The widespread outrage about the murder of a hostage, and Israel’s leverage upon finding out about Arafat’s involvement, led to the end of the hijacking situation. Arafat cut ties with the hijackers and ordered them to surrender the hostages. The ship was allowed to dock back in Egypt, where the hostages were freed.
The hijackers attempted to escape to Libya, but their plane was intercepted by the U.S. Navy, which forced them to land in Italy. There, they were arrested by the Italian authorities.
(Music transition)
Through the politically turbulent years of the 1980s and 1990s, Unit 8200 grew into an even more integral part of the Israeli Intelligence Community. And as technology advanced, Unit 8200 had to grow to keep up with the ever-shifting world of espionage.
In keeping with their initial mandate in 1952 to have bases on every hill in the country, the unit also has installations spread all across the country — including one operated alongside the American NSA in East Jerusalem.
Their surveillance stretches out even further than Israel’s borders. According to some sources, Unit 8200 also taps undersea cables in the Mediterranean to spy on any communications between Asia, Africa, and Europe, while also utilizing elaborate monitoring systems built into their embassies abroad and in the Palestinian territories.
While their headquarters and base of operations remains just at the city of Herzliya, north of Tel Aviv, their main surveillance base in Israel is located about 75 miles south, near the kibbutz of Urim in the Negev Desert.
The base at Urim is one of the largest signal intelligence bases in the world. It’s an entire military camp complete with barracks and operations centers, surrounded by a labyrinth of satellite dishes and listening antennas. The soldiers stationed at Urim are responsible for monitoring everything: phone calls, emails — even transmissions between ships at sea.
Computers at Urim intercept everything and flag anything of interest. Anything suspicious or useful is then sent back to headquarters in Herzliya, where there are three major subunits.
The first and largest, known as “Hatzav”, is the open-source intelligence branch of the unit. They’re responsible for obtaining and analyzing intelligence and counterintelligence from what’s available in the public sphere. Traditionally, that meant TV, radio, and newspapers. Today, it focuses much more closely on monitoring social media, especially in Arab countries.
The second sub-group inside Unit 8200 is called Unit 81, and is the unit’s R&D department. They research and build new systems and technology that Unit 8200 relies on to continue spying on their enemies. This is where the high schoolers building bots and hacking programs want to work.
The third, and most secretive sub-group is known as Gedasim. Their job is to transmit intelligence in the field, in real time, to combat forces who can use it in the heat of battle.
(SFX: Gunshots and battle noises transition into keyboards clacking)
To stay up-to-date, Unit 8200 operates in a complex and unique way, totally distinct from the rest of the IDF. It has a flat, secretive structure where teams operate independently of each other and without much regard for traditional military hierarchy.
In many ways, they model themselves closer to Silicon Valley startups, with smaller teams and an “all hands on deck” philosophy. But they don’t have the kind of money that those tech companies have. So soldiers in Unit 8200 need to do a lot with what little money and personnel they’re given.
The startup-style culture of the unit does have major benefits. Soldiers inside it have far more autonomy and power than footsoldiers in the rest of the military do. If one soldier feels as though their superior isn’t making the right decision, they’re free to go higher up the chain of command with their objections — behavior that would be verboten anywhere else in the IDF.
They can also make individual decisions that affect life and death.
(SFX: Explosion; Jet flying overhead)
In 2003, during an outbreak of conflict between the Palestinians and the Israelis known as the second intifada, Unit 8200 was tasked with delivering information to another unit. The military planned to use that information to destroy a building owned by the PLO. Just hours before, a suicide bomb had killed civilians in Tel Aviv, and the Israeli military wanted to destroy a PLO building in retaliation.
But the Unit 8200 soldier assigned to carry out the order hesitated.
He knew that there were people inside the building who would die — people whose assassination wasn’t explicitly ordered. He believed that destroying the building would be illegal by Israeli law, and a war crime by international law.
So he refused to follow orders. He told his superiors that he was drawing a line and would not pass along the information.
This soldier risked a court-martial and prison time in order to take the stand. Some figures even believed he should be executed for insubordination that was tantamount to betrayal.
But because he was inside of Unit 8200, the government and the rest of the military couldn’t deal with him the way that other branches would. The brand — and structure — of the unit was far too vital to the nation.
So this one soldier’s individual act of defiance caused immediate ripple effects inside the military and political leadership of Israel.
And it worked. The soldier’s stand helped convince the IDF to abandon its plan to bomb the building. In the end, the anonymous soldier wasn’t court-martialled, imprisoned, or executed. However, he was quietly dismissed from the military.
He’d taken a stand, and with the backing of his unit, he won.
(Beat)
But Unit 8200’s prominence also put a target on its back.
On February 20th, 1999, the Lebanese militant group Hezbollah fired six missiles at a battalion headquarters of the Israeli-allied Southern Lebanese Army. The morning afterwards, the SLA battalion searched the surrounding area and discovered two AK-47 clips, an explosives fuse, and a cell phone left abandoned by Hezbollah.
Unit 8200 eagerly took custody of the cell phone, believing they could use it to get into Hezbollah’s communications network.
They took the cell phone to their base in Israel for analysis. But in their zeal to potentially crack their enemy’s network, Unit 8200 soldiers bypassed the normal safety protocols. The cell phone wasn’t put through an x-ray machine to determine if it was dangerous.
And it was.
Inside the lab, past all the security and safety checkpoints, two Unit 8200 soldiers started the work of investigating the phone. They noticed it hadn’t been charged, and was out of battery. So one of the soldiers grabbed a charging cord and plugged it in.
The phone immediately exploded.
(SFX: EXPLOSION)
The tiny explosive in the phone was enough to tear through the walls of the lab and send shockwaves through the entire base.
The two Unit 8200 soldiers working on the phone were seriously wounded. One of them lost his hand.
(Music Transition)
The explosion inside Unit 8200 was no accident. It was a statement of war.
Israel’s enemies now knew all about their secret surveillance operation, and knew that they needed to target it.
As a result, when the 21st century dawned, it became clear that it wasn’t enough for Unit 8200 to gather information and intercept communication. They couldn’t just be a signal intelligence unit. They also had to gain the ability to fight back in the new realm of cyberwarfare.
It was time for Unit 8200 to go on the offensive.
Act III
In the final years of the 20th century and the beginning of the 21st, one Cold War ended while another began.
The Soviet Union had fallen, but the threat of nuclear weapons remained acute, as more countries developed their own programs that could threaten war. And Iran — one of the most prominent political foes of the United States and Israel — was getting close.
The Americans wanted to slow Iran’s nuclear program without it devolving into full-on war. The only way to do it was to get into the Iranian uranium enrichment plant’s computer system and sabotage it from the inside.
But the Americans didn’t have the expertise to pull it off — so they turned to someone who did: Unit 8200. Together, they would launch the most ambitious cyberattack in world history.
(Suspenseful music)
Unit 8200 established an entirely new department, separate and secret from the rest of the unit, to work on the virus alongside the NSA. It was an extremely complex piece of programming, using zero-day exploits in the programming of the centrifuges to speed them up and slow them down so abruptly that the fragile pieces inside broke down.
This worm would later be known to the world as “Stuxnet.”
(SFX: Metal breaking; glass shattering)
When they were finished creating the virus, Unit 8200 handed it off to the Mossad and CIA, who used conventional espionage tactics to get it into the system in Natanz. Once inside the system, Stuxnet began slowly affecting the nuclear centrifuges.
It worked. Centrifuges failed at increasing rates, while the Iranians believed it was due to engineering mishaps or faulty parts. In response, they fired employees and instituted new protocols. They had no idea they were under attack.
For the officers of Unit 8200, it was an unqualified success.
But they also realized that once the world uncovered what had happened, their enemies would strike back.
And a new Cold War of cyber Warfare would start in earnest.
That’s exactly what happened in 2010, when the Stuxnet worm escaped the Iranian facility and found its way onto the internet. Cybersecurity experts around the globe quickly realized what the worm was, and what it was designed to do. There was no containing it now.
And Unit 8200 was suddenly front-page news. Iran now understood what had happened, and vowed to retaliate with their own hacking attacks.
The Americans believed that Stuxnet’s breach onto the internet was the result of the Israelis going too far. Unit 8200 had bitten off more than it could chew.
And the U.S. government weren’t the only ones who believed Unit 8200 had gone too far. Some soldiers inside the unit were also beginning to believe the same thing.
(Beat)
In September of 2014, 43 current and former soldiers in Unit 8200 released an open letter to the Israeli government accusing their unit of using illegal and unethical tactics in the Palestinian territories.
Specifically, the letter revealed that their unit regularly surveilled and collected information on innocent Palestinians through illegal wiretaps and espionage. The final paragraph declared: “We cannot continue to serve this system in good conscience.”
Further testimonies from soldiers in Unit 8200 revealed that, in addition to widespread surveillance, the military often used what information it gathered to force innocent Palestinians to act as informants through blackmail and extortion.
According to the letter, the Unit often looked for innocent Palestinian men who were gay and closeted, or cheating on their wives — and threatened to reveal that information unless they cooperated.
(Music transition.)
The response from the Israeli government to these public revelations was swift. All 43 current and former Unit 8200 members were charged with criminal offenses for disclosing classified details of intelligence operations.
One former commander of the unit opined that he would throw them all in prison.
Ultimately, the prosecution was pared back. The Israeli government issued a reprimand to the 43 soldiers and removed any of the active officers from duty.
And Unit 8200’s work carried on uninterrupted.
In the years since Stuxnet and the reveal of their surveillance work, Unit 8200 has been involved in — or rumored to be involved in — numerous other operations.
In 2014, the unit provided information that an Iranian ship was sneaking weapons into Gaza for Hezbollah, leading the Israeli government to seize the ship. Three years later, the Lebanese government claimed that Unit 8200 launched a cyberattack and spread disinformation through telecommunications about Hezbollah.
Cyberweapons possibly designed by Unit 8200 have infected systems in Lebanon, the Gulf states, Sudan, and even Hungary. In recent years, Iran has accused Israel of launching a second version of Stuxnet that’s even more devastating than the first. It may have even caused fires at Iran’s nuclear facilities in 2020. But like everything in the world of global cyberwarfare, the details are cloaked in secrecy.
All the while, the original Stuxnet worm remains lurking on computers all over the world, propagating itself and looking for more systems to infect. In 2013, it even spread to the International Space Station thanks to a USB drive carried by a Russian cosmonaut.
(Beat)
While Unit 8200 may be the oldest and most elite cyberwarfare unit in the world, other countries are catching up.
In 2014, Unit 8200 hacked into the system of Russian anti-virus provider Kaspersky Lab, which provides software to 400 million users worldwide — including at least twenty American government agencies, including the NSA, the State Department, and the military.
Once inside the system, Unit 8200 planted a sophisticated system of back doors to swipe documents, passwords, emails — and even take screenshots. Using this information, the unit discovered evidence that the Russian government had the ability to use Kaspersky’s software — either with its knowledge or without — to access classified American government information.
In 2015, Kaspersky Lab struck back, and publicly revealed the Israeli intrusion into their system. They published a report detailing how they were breached by a computer virus which they called “Duqu 2.0”, and declared it a relative of Stuxnet. Kaspersky noted that many of the sites attacked by Duqu — including hotels and conference centers — were places where high-level talks on the Iranian-United States nuclear deal were held.
Implicitly, Kaspersky argued that Israel was spying on everyone — Russia, Iran, and even its allies like the United States and the United Kingdom. But the Americans saw this as damage control after Israel revealed their links to Russian intelligence.
In 2016, Unit 8200 saw something even more concerning. They watched in real time as Russian hackers moved through Kaspersky Labs’ software, searching for any classified information and stealing anything they could find.
They alerted the American government, providing them with proof of the breach. The next year, the U.S. government ordered all Kaspersky Lab software wiped from its computer systems.
The executives at Kaspersky Lab denied the allegations that they were working with Russian intelligence. But Unit 8200 is less sure. After all, the founder of Kaspersky Lab is an alumni of a Russian intelligence institute and wrote software for the Soviet Army.
And Vladimir Putin can be very persuasive.
(SFX: water dripping; pipes rattling)
The Russians aren’t the only adversary taking on the Israelis at their own game. In 2020, the Iranian government made good on their promise to retaliate for Stuxnet by launching their own cyberattack targeting Israel’s water system. Iranian hackers tried to increase the amount of chlorine in six Israeli water plants to dangerous levels. Hundreds of Israeli citizens were at risk of poisoning.
The attack was more serious than Israel though Iran was capable of. Fortunately, Israeli cybersecurity officers were able to find and repel the attack before it could do any damage. In retaliation, Israel allegedly retaliated by launching a computer attack against an Iranian port.
Even though it failed, the attack sent a clear message to the Israelis and to Unit 8200. They weren’t the only ones in the game, anymore. Their enemies are prepared to fight fire with fire.
The battlefield has moved online.
Act IV
In the past two decades, as cyberwarfare has become more common and vital, Unit 8200 has gone from a secret branch of the Israeli military to a world-renowned — and feared — force.
And not just for its impact on the geopolitical landscape. But also for the high-profile alumni.
After leaving the military, many Israelis have gone on to start tech companies of their own. It’s become such a common path that many Israeli teenagers, the ones working in military-affiliated programs or winning programming competitions with the hopes of getting recruited by Unit 8200 — really just see it as an intense, high-stakes form of grad school.
These companies formed by former soldiers are the backbone of Israel’s growing technology sector and start-up culture which eclipses almost every other country on the planet. Despite having a population of merely 9 million, Israel is home to more companies listed on the NASDAQ than any other nation except for China or the United States. Many of these start-ups have sold to massive companies like Apple or Oracle for hundreds of millions of dollars.
And it’s due, in large part, to the pool of talent recruited, trained, and cultivated by Unit 8200.
In the late 2010s, the Israeli government began building a massive technology and office park in Beer Sheva. Its ambitions are grand. In the words of Israeli Prime Minister at the time, it is designed to be the “cyber center of the western hemisphere.” Companies like PayPal, Lockheed Martin, and and IBM have offices there,
But, of course, it’s not just an office park. As of late 2020, it also houses the new headquarters of the Intelligence directorate and Communications Division of the IDF.
The Israeli soldiers of Unit 8200 know full well that the wars of the future will be fought on land, on sea, in the air, and in the space between computers. And they’ll never stop striving to be one step ahead.
I’m Keith Korneluk and you’re listening to Modem Mischief.
CREDITS
Thanks for listening to Modem Mischief. Don’t forget to hit the subscribe or follow button in your favorite podcast app right now so you don’t miss an episode. This show is an independent production and is wholly supported by you, our listeners and the best way to support the show is to share it. Tell your friends, your enemies, try screaming it from the hilltops. And another way to support us is on Patreon or a paid subscription on Apple Podcasts. For as little as $5 a month you’ll receive an ad-free version of the show plus monthly bonus episodes exclusive to subscribers. Modem Mischief is brought to you by Mad Dragon Productions and is created, produced and hosted by me: Keith Korneluk. This episode is written and researched by Ryan Lee. Edited, mixed and mastered by Greg Bernhard. The theme song “You Are Digital” is composed by Computerbandit. Sources for this episode are available on our website at modemmischief.com. And don’t forget to follow us on social media at @modemmischief. Thanks for listening!