IDF stopped hackers from hitting US power plants – Unit 8200 official

This is the first time a current Unit 8200 official discussed such sensitive cyber intelligence sharing in public.

The deputy chief of IDF Unit 8200, Col. U., on Wednesday said that his intelligence agency had warned the US of attempts to hack the country’s power plants in time to thwart the cyberattack.

Although this was not the first time these warnings to the US have been made public, it was the first time a Unit 8200 official had discussed sensitive cyber intelligence in public.

The most well known example was Israel’s 2017 warning to the US about Russia’s Kaspersky antivirus software being used as a way to backdoor spy on them or plant malware.

Col. U. recalled that an “adversary [Iran] attacked water facilities in Israel. We saw this attacker attempting to poison the water in an attempt to claim human lives. We mitigated that threat far ahead.”

“Another adversary attacked Israel,” and in the process of stopping the cyberattack, “we also found that they were attempting to target US power plants as well. This was the first indication of this attack. It enabled preventing this threat, through tight collaboration with our fantastic American partners,” he said.

In 2020, then energy minister Yuval Steinitz revealed an attempted cyberattack on Israel’s energy sector, which was thwarted.

“We’re Israel’s SIGINT”
Introducing his unit, U. said, “We’re Israel’s national SIGINT [Signal Intelligence] and Cyber Unit and are part of the defense intelligence in the IDF. Our mission is intelligence collection and [combating] crucial threats to Israel for the IDF and for Israel’s policymakers. We are also a major player in the cyber domain in Israel and in Israel’s cyberdefense.”

“We’re Israel’s national SIGINT [Signal Intelligence] and Cyber Unit and are part of the defense intelligence in the IDF. Our mission is intelligence collection and [combating] crucial threats to Israel for the IDF and for Israel’s policymakers.”

Col. U.

“Like it or not, we work in quite a tough neighborhood. This leads to ongoing high friction in a dynamic and intense environment,” said U. “We have new challenges each day. When we succeed we save lives. When we fail this becomes a major problem for our nation.”

“Counter cyber operations are a major part of our operations,” he added. “Once we obtain superiority over the attacker, we then act to deny their capabilities. First of all, by collaborating with industry and other agencies, but, if necessary, we do it on our own, implementing ‘our tools’ at some point, somewhere along the attack stream. 8200 won’t rest until the threat is removed.

“We are privileged to have a huge amount of talent. Each year, we recruit between 1,000 to 2,000 of the brightest girls and boys in Israel as they join the IDF at the age of 18. This also makes our personnel very young. 73% are under the age of 23.”

“Our core values are democratic values and ethics. We have military decision-making procedures while allowing individuals to express their opinions and concerns,” the Unit 8200 deputy chief said.

“We are here and we are willing to collaborate. Most of what we do will have to remain top secret, but some aspects of the way we do it can and should be discussed. We are preventing cyber threats against Israelis and we ensure that Israel remains the leading power in technology and cyber in our region.”