Cyber Incident Victim: Benny Gantz's cellphone
Date:
Jan 2015
Location:
Israel
Summary
Iranian intelligence breached the cellphone of Benny Gantz, a senior Israeli political figure and election rival to Prime Minister Benjamin Netanyahu, during an election campaign. The Shin Bet security service informed Gantz that the hack compromised personal and professional data stored on the device, posing risks of potential election interference through information disclosure or manipulation. Israeli officials had previously warned of foreign state-backed cyber threats targeting election integrity, including attacks on critical infrastructure and attempts to influence electoral outcomes. The incident underscored broader concerns about nation-state actors exploiting cyber vulnerabilities to disrupt democratic processes.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
The hacking of Benny Gantz’s cellphone by Iranian intelligence was disclosed during Israel’s 2019 election campaign, as reported by Israel’s Channel 12 on March 14, 2019. Gantz, then chair of the Kahol Lavan political alliance and a leading rival to Prime Minister Benjamin Netanyahu, was notified approximately five weeks prior by two Shin Bet officials that his private device had been breached. The intrusion occurred during the active election period, granting Iranian operatives access to personal and professional data stored on the device. Shin Bet emphasized the operational security risks, warning that Iran could exploit the stolen information to manipulate the election outcome or release damaging content post-election. Gantz’s party confirmed the incident but refrained from detailed commentary, noting the breach occurred four years after his tenure as Israel Defense Forces chief of staff ended in 2015 and questioning the timing of the disclosure. The Shin Bet declined to publicly address the report, leaving technical specifics about the attack vector, data exfiltration scope, and remediation steps undisclosed.
Concerns about foreign cyber interference in Israel’s election had been escalating for months prior to the Gantz breach. In January 2019, Shin Bet Director Nadav Argaman publicly warned that a foreign state planned to disrupt the election using cybertechnology, though he did not name the actor or specify its objectives. By October 2018, Israel’s National Cyber Directorate Head Yigal Unna had cautioned that cyberattacks targeting critical infrastructure—including elections—posed a systemic threat, citing risks to electrical grids, financial systems, and electoral integrity. Unna reiterated these concerns at a Hod Hasharon conference attended by senior officials, including Education Minister Naftali Bennett and outgoing IDF Chief of Staff Gadi Eisenkot, acknowledging Israel’s cybersecurity preparedness as suboptimal despite defensive efforts. The Gantz incident exemplified these broader vulnerabilities, aligning with intelligence assessments of state-sponsored operations aimed at influencing democratic processes through digital espionage and data manipulation. No subsequent public disclosures confirmed whether Iran weaponized the stolen data or if additional mitigations were implemented beyond the Shin Bet’s private notification to Gantz.