By Amos Harel
July 25, 2007 Av 10, 5767
A breach in the Israel Defense Forces' computer security system enables
ordinary soldiers to access top-secret documents, a reserve officer has
The army said that it is aware of the problem and is working to solve
The IDF maintains an internal computer network, Tzahal-Net, and almost
every IDF office has computers connected to the network. The army's
communications department has reported in the past that about two-thirds
of all soldiers use the network at least once a day.
Captain (res.) Amos Kahan, a doctor, discovered the security breach
while on reserve duty about a year ago, when he searched the words "top
secret" on Tzahal-Net.
The results gave him access to dozens of documents classified as top
secret, including information on classified weapons, plans for defending
various sectors of the country and the army's multiyear plans.
In June 2006, he sent a letter to the heads of both the communications
department and the information security department to inform them of his
In the letter, he pointed out that the problem was twofold: First,
top-secret documents should not be on the network at all; second, the
network includes no filters to deny unauthorized people access to the
He did not receive a written response, but says he was told orally that
the army was aware of the problem, and that the information security
department routinely punished units that posted top-secret documents on
the network by closing down their Tzahal-Net sites for specified
Last week, however, Kahan completed another stint of reserve duty,
during which he discovered that nothing had changed: A search for the
words "top secret" once again brought up top-secret documents, including
one territorial brigade's emergency deployment plans. Once again, he
complained to senior General Staff officers - but this time he
complained to Haaretz as well.
In response, the IDF spokesman said that the army "is not familiar with
the complaint from last year." However, Kahan's new complaint, submitted
last week, was immediately passed on to the relevant parties.
"The IDF is investing a great deal, both in technological tools and in
raising awareness, in order to eliminate this problem," the statement
continued. "Significant violations are dealt with accordingly. We wish
to thank Captain Kahan for his vigilance."
Attend Black Hat USA, July 28-August 2 in Las Vegas,
the world's premier technical event for ICT security
experts. Featuring 30 hands-on training courses and
90 Briefings presentations with lots of new content
and new tools. Network with 4,000 delegates from
70 nations. Visit product displays by 30 top
sponsors in a relaxed setting. Rates increase on
June 1 so register today. http://www.blackhat.com