Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Israel Seeks to Beat Election Cyber Bots

Amy Spiro is one of many Israeli journalists who recently received a direct message on her Twitter account linking to a sensational news story.

The sender, using the Jewish-sounding name “Bina Melamed”, directed her to a fake story falsely alleging former Israeli defence minister Avigdor Lieberman was a Russian spy.

Amy Spiro is one of many Israeli journalists who recently received a direct message on her Twitter account linking to a sensational news story.

The sender, using the Jewish-sounding name “Bina Melamed”, directed her to a fake story falsely alleging former Israeli defence minister Avigdor Lieberman was a Russian spy.

“I just ignored it until I saw a lot of other people were talking about it,” said Spiro, who works for the Jerusalem Post.

She avoided falling victim to the ruse, but four Israeli journalists — hoodwinked by the article appearing on a rogue but convincing duplicate of Harvard University’s website —  spread the story, before it was exposed.

Bina Melamed, which turned out to be a fake account operating from Turkey, has become a cause celebre of attempts to propagate fake news in Israel through bots.

And cases of cyber sabotage are rising, ahead of April elections.

So a coalition of Israeli diplomats, programmers and hackers have joined forces to stave off threats — including from hostile states — by identifying networks on social media and getting them removed.

In some cases, like Bina Melamed, disinformation makes its way from social to professional media. 

Advertisement. Scroll to continue reading.

“We blocked that within 24 hours by contacting them (the account holder) directly,” said Elad Ratson, a foreign ministry diplomat who spearheads Israel’s efforts against fake news bots.

– From fake to ‘real’ news –

Digital intervention could aim to sway Israel’s election results, according to Itai Brun and David Siman-Tov, researchers at the Institute for National Security Studies in Tel Aviv.

But beyond supporting one Israeli candidate over another, foreign cyber intervention could be an opportunity “to deepen polarisation in Israeli society and damage public faith in the democratic process,” they wrote in a recent paper.

Nadav Argaman, head of the Shin Bet internal security agency, raised concerns in early January. Privately-owned Hadashot television news quoted him warning of a cyber intervention in the April 9 poll by a foreign state.

On Tuesday, Prime Minister Benjamin Netanyahu said Israel was foiling cyber-attacks from Iran daily, without specifying the nature of the attacks.

Insiders say Shin Bet has a significant and capable cyber unit, but the foreign ministry is leading public engagement with social media giants.

Ratson said companies like Facebook and Twitter “don’t like dealing with states” but can stomach the softer approach of diplomats.

The foreign ministry began working in 2015 to form “a broad coalition” of experts who could help keep the public discourse uncontaminated by sabotage, he said.

Since the alleged Russian campaign aimed at tipping the US election in favour of Donald Trump in 2016, “we were preparing for when elections would take place in Israel and we’d be the target,” Ratson added.

“We have identified five foreign attempts of disinformation in a level of sophistication indicating a state involvement” since it became apparent in November that Israel was heading for early elections, he said.

Two of the Israelis collaborating with Ratson are Sharel Omer and Ran Margaliot, co-founders of commun.it, a company that deals in social media management and risks to brand reputation.

They are experts in identifying networks of bots that will interact with a central fake account and other real accounts, lying largely dormant until it is time to act.

“The goal of the bot networks is to take a narrative from the realm of Twitter and Facebook and transfer it into the ‘traditional’ world,” Omer said.

“Once a ‘traditional’ reporter writes it in a serious newspaper, the fake news becomes real news.”

Omer and Margaliot will follow suspect accounts and networks and establish evidence they are illegitimate attempts to artificially instill a narrative before presenting findings to Twitter so that the media giant can shut the accounts down.

Hundreds of Twitter accounts have been closed due to their work, Omer said.

– ‘Platforms for people’ –

Alongside the US, Britain, France and the Ukraine have been widely cited as recent targets of state-orchestrated cyber campaigns.

While the Shin Bet and Ratson refused to name the countries of origin for networks targeting Israel, independent hacker and activist Noam Rotem is less cautious.

He names Saudi Arabia and Iran, “and we’re pretty sure Russia”.

Rotem noted that his project to monitor the Israeli internet for “suspicious, non-organic” activity aimed at “influencing things by amplifying messages” uncovered local networks too.

The motivation of each network is not immediately apparent in most cases. Commercial interests sometimes come into play, he said.

Rotem and his partner Yuval Adam will present their findings on malicious networks to Twitter when the time is ripe.

“If they don’t listen to us, we involve other professionals like Ratson from the foreign ministry,” he said.

To Rotem, safeguarding the Israeli internet ahead of the elections is part of a broader ideal.

“Our goal is to distance these foreign influences and leave the platforms the way democracy would have it — for people,” Rotem said.

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.