Hamas’ online terrorism

Almost everyone is active on at least one social network and updates his/her personal profile from time to time. IDF soldiers are not excluded from this phenomenon of information sharing, which makes their social media platforms susceptible to terrorist organizations interested in extracting sensitive intelligence about the IDF.

Hamas cyber terrorists are characterized by the various tools they use to adapt to the changing technological environment. The Information Security Department is already aware of attempts to get information via the internet, as this has happened before. Last year, Operation Hunters Battle exposed the false identities Hamas used in order to raise soldiers' awareness of the phenomenon and the importance of reporting incidents when they happen.

In January 2018,  another report surfaced about a suspicious figure on Facebook named Lina Kramer, who had a conversation with a soldier on Facebook and later on Whatsapp. She even had an Israeli phone number. While this incident was similar to the ones last year, there was one striking difference. Instead of trying to entice the soldier to download a virus through an illegitimate source, the terrorist asked the soldier to download an app called "GlanceLove" from the official application store.

Colonel A., the Head of the Information Security Department said, "Not long after the first attacker approached us, we’d already begun receiving dozens of reports from soldiers about suspicious figures and apps on social networks. Upon investigating the reports, we uncovered  hostile infrastructure that Hamas tried to use to keep in contact with IDF soldiers and tempt them to download apps that were harmful, and use the soldiers to extract classified information."

Sometimes, to try to cover up their incorrect Hebrew, the terrorists running the profiles say that they are new immigrants. Once the infected application is downloaded, terrorists can collect contacts from the phone, enable access to SMS messages and call history, locate the phone and control the volume in order to listen to the user, download and remove files and applications, collect files and pictures, and even take pictures from the device.

"In the framework of Operation Broken Heart, we have a number of tasks: first and foremost, to refresh the guidelines for intelligence activity online for all soldiers," Col. A explained. "Second, to operate a regular operations room to receive reports and to use the wisdom of the masses to continue identifying other suspicious characters and apprehensions. Thanks to the soldiers' awareness, alertness, and willingness to report the incidents, Israel’s security was not damaged.”

"It was a normal day," said L., who until three months ago was a regular soldier in his unit. "I got a message on Facebook that looked innocent at first, from someone named Lina Kramer, we started talking on Facebook, then we moved to Whatsapp, and then she asked me to download an app called GlanceLove. When I looked at her profile, I saw that it had content, and that she had an Israeli phone number," L. said about Lina Kramer, one of Hamas' fictitious profiles.

L's conversation with Lina Kramer reached its peak when she asked him to download an app to his device. “At this stage, my suspicion was final, and I decided to consult a friend who helped me understand that it was a fictitious profile with malicious intentions. From there I turned to the information security officer in my unit who helped me. "

What L didn’t expect was that his report would expose an entire Hamas terror cell that uses social media as a means of penetrating the IDF soldiers’ personal devices and extracting sensitive information.

"I was proud that I helped security forces stop Hamas and prevented other soldiers from becoming victims. If a stranger starts talking to you on Facebook or Instagram, always look with a suspicious eye and always question the situation," said L..

In order to protect Israel’s security, the Information Security Department has issued updated guidelines that instruct soldiers how to act if they encounter a fictitious profile. Additionally, the department has made a conscious effort to raise awareness of this issue and emphasize the importance of soldiers’ reporting suspicious incidents.