'State' Comptroller audit reveals IOF vulnerabilities: Israeli media
Israeli media reports that "State Comptroller" Matanyahu Englman said the Israeli occupation forces had "significant gaps" its cybersecurity.
The Israeli occupation's "State Comptroller", Matanyahu Englman, revealed that the occupation had several "significant gaps" in its infrastructure and cybersecurity, Israeli media reported on Tuesday.
Reportedly, the Israeli occupation's military, water and transportation networks, and tax system are all flawed, with various lackluster defenses against cyberattacks, Englman said, as reported by Israeli Channel 14.
The report said that there was an inadequate system to provide protection for the Israeli occupation forces' cyber systems.
Additionally, the database that contains sensitive information about current and former Israeli occupation soldiers also has various vulnerabilities in it. The database namely contains the dental records, fingerprints, and blood samples of hundreds of thousands of current and former Israeli soldiers.
The report found that the information systems were not managed in an efficient manner and in compliance with the means for managing information systems projects. Therefore, there are concerns about the biometric systems' ability to fulfill their purposes.
According to Channel 14, the Israeli occupation forces have three central information systems for managing the identification process. Namely, they are System A and system B, both of which manage the biometrics database, and they are required to meet a high level of security in accordance with information security regulations. The third system, System C, manages and records how the collected biometrics and the identification process.
Englman stressed the need for the Israeli occupation to follow the stipulated requirement, warning that doing otherwise would jeopardize the IOF's records, thus harming their credibility. Neglect would also jeopardize the secrecy of the IOF soldiers' personal data.
The audit found that the Israeli occupation's cybersecurity policy had not been updated since April 2015, a time that saw technologies undergoing various changes and upgrades, meaning the IOF's security was outdated by seven years.
System A and System B are both under mediocre immunity despite being classified as secret. The report said they are required to meet a high level of security in accordance with information security regulations, noting the dangers a leak of personal information would pose.
The Privacy Protection Authority had several shortcomings as well, as it did not conduct cross-sectional audits and oversight operations on the IOF's databases to ensure that they complied with information security regulations.