On November 18, Israeli time, a man employed as a cleaner at the home of Israeli Defense Minister Benny Gantz was charged with attempting to spy for Black Shadow, an attack group allegedly linked to Iran. This is very strange: either the Iranian side has been successful in its work, or the case shows a huge loophole in how the Israeli side hires staff for high-level officials. It seems that even in the Internet age, informant networks and HUMINT are not out of date.
Omri Goren Gorochovsky, 37, was arrested on Nov. 4, according to an indictment published by the Israeli Ministry of Justice. The warrant for Gorochovsky said he had an extensive criminal history, including five convictions and a record of various crimes including bank robbery. That has raised questions about how he was hired to work in the home of an official as high-ranking as Israel’s defense minister.
In a separate statement, the Israel National Security Agency said Gorochovsky never had access to “classified material,” so no real harm was done to Israel’s state secrets.
The indictment alleges that Gorochovsky and his partner worked as cleaners at Defense Minister Gantz’s home in Rosh HaAyin, outside Tel Aviv.
Following the high-profile cyberattack, Gorochovsky allegedly contacted Black Shadow via Telegram around October 31 and offered to deliver information from Gantz’s home. Black Shadow was described as “affiliated with Iran” in Gorochovsky’s indictment.
Israel alleges that the suspect, using a false name, “identified himself as someone who worked in the home of the Israeli Defense Minister and pointed out that he was capable of assisting the group (Black Shadow) in various ways.”
According to the indictment, Gorochovsky told representatives of Black Shadow that he would get “money” by conveying the information through malware he proposed to implant via a USB device. The indictment also alleges that, in order to prove his credibility, Gorochovsky sent photos of various items in the minister’s home. These included Gantz’s desk, a package bearing a sticker with an IP address, memorabilia from Gantz’s previous tenure as chief of staff of the Israeli Armed Forces, family photos and receipts for property tax payments.
The agency said the espionage attempt was quickly thwarted, and Gorochovsky was arrested just days after making contact with Black Shadow.
Late last month, Black Shadow’s alleged cyberattack against Israeli internet service providers drew widespread media attention. The hacking group has yet to admit to any ties to Israel’s sworn enemy, Iran, and has been blamed for repeated attacks on Israel’s internet infrastructure.
In a recent attack, it gained access to Israel’s largest database of LGBTQ dating sites and released sensitive personal data, including HIV status, of about 1 million users.
The group also infiltrated an Israeli insurance company, stole a large amount of data, and leaked it when its ransom demands were not met.
The Black Shadow hack was part of a years-long secret war between Israel and Iran that included physical attacks on ships and online offensive cyber operations.
Israel’s National Security Agency said it had also launched an investigation “to reduce the likelihood of such incidents recurring in the future”.
The exposure of this incident is both strange and terrifying.
The suspect, Gorochovsky, took the initiative to contact a representative of Black Shadow. Black Shadow is not the only cyber-espionage organization that Israel suspects of Iranian ties. Why did he contact only this one?
Gorochovsky claims that he did it only for money. Can this be believed?
Gorochovsky knew that he would convey information via malware that he proposed implanting with a USB device. This is difficult to reconcile with his background as a cleaner!
Gorochovsky contacted Black Shadow through the Telegram instant messaging tool, and was located and arrested a few days later. This shows that Israel’s monitoring of instant communication is very effective. Telegram, Discord, Wickr, Wire, etc. are the main anonymous chat software with good security.
How terrible would it be if Gorochovsky had been planted or turned by the Iranian side? The way the staff around senior Israeli officials are scrutinized has exposed major loopholes in Israel’s work.
While cyberspace is transforming espionage, national security agencies employ machine learning and open source data to enhance their analytical capabilities. HUMINT and informant networks are still necessary for some jobs. Human-to-human, face-to-face communication may be inevitable as digital technologies such as virtual reality mature to build trust between officials and informants.