Cyber Incident Victim: Kahol Lavan
Date:
Jan 2015
Location:
Israel
Summary
The cellphone of Benny Gantz, chair of the Kahol Lavan political alliance, was compromised by Iranian intelligence during an election campaign, enabling unauthorized access to personal and professional data stored on the device. Israeli security officials warned the breach posed risks of potential information disclosure or election manipulation by foreign actors, aligning with broader concerns raised by national cybersecurity authorities about foreign state-sponsored cyber threats targeting electoral processes and critical infrastructure. These threats included potential disruptions to financial systems, utilities, and election outcomes, though Israel's cyber defenses were assessed as robust but not optimal at the time.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
In March 2019, Israeli media reported that Iranian intelligence operatives successfully hacked the personal cellphone of Benny Gantz, then-chair of the Kahol Lavan political alliance and a leading opposition figure during Israel’s election campaign. The breach occurred approximately five weeks prior to the March 14 disclosure, coinciding with the active election period. Shin Bet security service officials personally notified Gantz of the compromise during the campaign, confirming that Iranian actors had obtained full access to the contents of his device, including personal and professional data stored on it. The Shin Bet emphasized the operational security risks, warning that Iran could exploit the stolen information to manipulate electoral processes or selectively release materials after the election. Gantz’s party acknowledged the incident but declined detailed commentary, citing state security concerns, while noting the hack occurred four years after he concluded his role as Israel Defense Forces chief of staff—a detail they suggested raised questions about the timing of the public disclosure. The Shin Bet itself refrained from official statements regarding the incident.
Concerns about foreign cyber interference in Israel’s election had been escalating months before the Gantz breach became public. In January 2019, Shin Bet Director Nadav Argaman publicly warned that a foreign state planned to interfere in the election using hackers and cybertechnology, though he did not explicitly name the nation or its motives. Earlier, in October 2018, National Cyber Directorate Head Yigal Unna cautioned that cyberattacks could disrupt election outcomes, citing threats to critical infrastructure like power grids, financial systems, and electoral integrity. Unna reiterated these concerns at a Hod Hasharon conference attended by senior officials, acknowledging Israel’s defensive capabilities while stressing vulnerabilities. These warnings aligned with intelligence assessments of persistent cyber campaigns targeting Israeli institutions, though no direct technical linkage to the Gantz incident was disclosed in available reports. The cumulative disclosures underscored heightened state apprehensions about adversarial cyber operations during a contentious electoral period.