BreakingPoint Security: Does Israel Spy on State Agencies?

(This article was updated. A previous version omitted the apology of Mr Robertson and its link to Israel’s spying on the U.S.)

Video screenshot: Charles Fisher/YouTube

The Israeli industrial espionage company BreakingPoint Security says that, unbeknownst to Israeli diplomats in the U.S., the company had been compiling a dossier on U.S. employees who worked on a base in Africa. The company’s employees in Africa operate with the same technology that Israel claims to have used to spy on almost every foreign diplomat in the U.S. in the 1990s.

BreakingPoint’s spying operation appears to have been aimed in part at employees of the U.S. embassy in Ghana who are assigned to the Millennium Development Program, which is a branch of the U.S. Agency for International Development. To make its web tools accessible to African politicians and their employees, the U.S. requires the mandatory submission of their electronic information to the U.S. Government Electronic Mail System, or G-Mail. What BreakingPoint couldn’t steal through their X12 computers in Atlanta, Georgia, they managed to lift from the G-Mail servers in the U.S. Embassy in Ghana.

The unconfirmed report has sparked a debate about the authenticity of the cybersecurity operations, made public recently in a blog post from BreakingPoint’s security consultants Charles Fisher and Donald Robertson. They blame the unconfirmed report on Israeli authorities, who, they argue, would only know how many exposed emails BreakingPoint employees had put in G-Mail as well as the country of origin of each one. They also fear that this digital data will be used to blackmail employees in Africa.

Israel has long used information regarding the computer systems of foreign embassies and their employees to blackmail and intimidate. The X12 computers in Israel’s Interior Ministry, which handle the country’s electronic records, were first exposed in 1996 by a hacker who defaced the computers by changing the window to read “ROSSFROG VID-BREAKIN.” The tables were later turned, and the security services there were communicating with internet service providers in Africa that used the X12 computers.

The development of X12 computers was initially conducted in secret at Israeli corporation QAD, which is largely owned by the Israeli government. In 2003, BreakingPoint acquired QAD. The National Security Agency and the Department of Homeland Security were both secretly used to develop this digital intelligence.

In 2005, the year QAD was sold to Cisco Systems, Communications Security Establishment was located in Stamford, Connecticut. The body works for Israel’s National Security Agency and Defense Ministry to counter state-sponsored cyberattacks, including those against Israeli companies.

It’s not clear why the Israeli company purchased the servers and other electronic equipment from Cisco. Once the details of the spying operation had been exposed, Cisco deleted all the files from the network, presumably to ensure that they do not fall into the hands of foreign intelligence agencies.

BreakingPoint has publicly acknowledged selling its tools to assist with Israel’s cyber warfare efforts, which include software for stealing military networks and crucial military information from enemy countries. The company also sells this same software to victims of industrial espionage.

The Wired article also makes several references to Der Spiegel, a German magazine, which it says may have had access to BreakingPoint’s network, having infiltrated its offices. The company’s employees in Atlanta later openly admitted to Wired that the U.S. embassy in Ghana is not the only Kenyan target of this spying operation.

[Featured image: United States ambassador to Kenya Robert Godec, left, and U.S. embassy contractor Rafael Del Pino. | AP]

Leave a Comment