Original URL: https://www.theregister.com/2007/11/22/israel_air_raid_syria_hack_network_vuln_intrusion/

Israeli sky-hack switched off Syrian radars countrywide

Backdoors penetrated without violence

By Lewis Page

Posted in Networks, 22nd November 2007 13:57 GMT

More rumours are starting to leak out regarding the mysterious Israeli air raid against Syria in September. It is now suggested that "computer to computer" techniques and "air-to-ground network penetration" took place.

The latest revelations are made by well-connected Aviation Week journalists. Electronic-warfare correspondent David Fulghum says that US intelligence and military personnel "provided advice" to the Israelis regarding methods of breaking into the Syrian air-defence network.

Aviation Week's sources apparently said that the first move in the raid was a combined bombing and electronic attack on a Syrian radar site near the Turkish border, which allowed Israeli warplanes to fly in undetected. It seems that there was also some use of old-school brute force jamming.

So far, so conventional. However, Fulghum's unidentified Pentagon contacts also said that after the Israelis crossed into Syrian airspace, US sensors in the region noted that the whole Syrian radar system "went off the air" for some time while the main raid on the Dayr as-Zawr facility (believed to have been a nuclear plant of some kind) went ahead.

Presumably this means that Syrian long-range search radars across the country ceased to transmit. There is no suggestion that the radars were physically destroyed, which is believable as this would have called for strikes on multiple locations, which would probably have become known by now.

AV Week's Pentagon informers don't think that the Syrian power grid was shut down. Again, this would probably have become known, so their assessment is believable. It seems that, rather, centralised Syrian air-defence communications were hacked into. It appears that the Syrians rely on HF and VHF radio for at least some of their anti-air comms/data links, so this could be done relatively easily from aircraft (or even perhaps from across the border, in the case of HF).

There are also suggestions of more conventional network attacks via wired/cabled links, though there's not even a hint as to how the Israelis got access*.

Some of the hacks/spoofs/phreaking may not have been limited to the air-defence nets. There were "some higher-level, non-tactical penetrations, either direct or as diversions and spoofs of the Syrian command and control capability, done through network attack," according to an unnamed US intelligence analyst quoted by Av Week. The magazine promises more details next week, and the teaser is here.

You always have to treat leaks out of the Pentagon with caution. However, the Israelis' remarkably easy in-and-out to Dayr as-Zawr appears to be a fact, and until it happened the Syrian air defences were thought to be quite serious stuff. You'd have said that they would take some days to knock down, and that it would require a big air campaign involving a lot of exploding things. Getting in and out with the defences still up would have risked dogfights with Syrian fighters, or very long, fuel-guzzling, dangerous/impossible low-level flight profiles.

None of that seems to have occurred, so something strange took place. Network hacking seems like a very possible explanation. ®

*That said, special forces were doing missions to cut fibre lines as long ago as 1991 in order to compel the Iraqis to use easily-intercepted radio. There are rumours nowadays that certain teams specialise in attaching equipment to cable links rather than just cutting them.