Hacking or sabotage? US probes 'top secret' leak of Israel's plan on Iran
As Washington investigates a top-secret document leak regarding Israel's retaliation plans to Iran’s recent aerial attack, questions have emerged over whether it was the result of a security breach or an Iran-backed cyberattack.
Two US intelligence documents, meant to be shared exclusively among the 'Five Eyes' nations, were leaked on the pro-Iran Telegram account Middle East Spectator, just as Israel prepares to retaliate for the October 1 barrage of 181 ballistic missiles. The platform's account on X lists its location as the Islamic Republic of Iran.
In a press statement, Middle East Spectator said the channel had no connection to the original source “which we assume to be a whistleblower within the US State Department."
The "top secret" documents, dated October 15 and 16, began circulating online Friday, meant only to be seen by Australia, Canada, New Zealand and the United Kingdom. Several options are now being discussed, including internal strategic leaks and possible state-backed hacking.
Holden Tripplet, a former FBI counterintelligence official, told Iran International: “The leak, if done without official sanction by the US government, may have been intended to dissuade an Israeli strike or at least limit the overall retaliatory response.”
However, Tripplet, who spent 15 years in the FBI, said it could also be the tip of the iceberg. “There may have been other documents leaked along with those which would likely indicate someone in the US government upset with US policy towards Israel in general,” he added. “They may be trying to harm the overall relationship.”
Jason Brodsky, head of policy research at United Against Nuclear Iran, wrote on X that the documents, which had been US surveillance of Israeli military activity in preparation for the retaliation, “risks eroding trust between the US and Israel at a sensitive moment”, the documents “of high value to Tehran as it plans a defense”.
Speaking to CNN, Mick Mulroy, former deputy assistant secretary of defense for the Middle East and a retired CIA officer, said: “If it is true that Israeli tactical plans to respond to Iran’s attack on October 1 have been leaked, it is a serious breach”, he too warning that future coordination between the US and Israel could be challenged as a result.
“Trust is a key component in the relationship, and depending on how this was leaked that trust could be eroded,” he added. CNN cites officials who have verified the authenticity of the documents.
One of the documents , which says it was compiled by the National Geospatial-Intelligence Agency, says it has observed Israel moving munitions around.
Another says it is sourced to the National Security Agency and outlines Israeli air force exercises involving air-to-surface missiles, also believed to be in preparation for a strike on Iran.
The reports also detail preparations of Israeli drone units, transfer of advanced munitions at Israeli air bases and air force exercises involving intelligence planes and fighter jets.
US President Joe Biden has said he will support Israel’s retaliation, but not an attack on Iran’s nuclear facilities.
In 2012, a leak of Israeli plans to attack Iran's nuclear facilities drew speculation that it was a deterrence to the Jewish state which has also destroyed nuclear facilities in enemy states Iraq and Syria.
Brodsky pointed out that “there are many possible culprits: from a hack to a leak. The Iranian regime, with assistance from Russia and perhaps China, has been perfecting its cyberwarfare skills in this regard.”
Only last month, a US grand jury indicted several Iranian nationals and IRGC employees on charges related to hacking efforts targeting Donald Trump’s 2024 presidential campaign.
They were charged with a conspiracy "with others known and unknown to hack into accounts of current and former US officials, members of the media, nongovernmental organizations, and individuals associated with US political campaigns”.
The Justice Department said the activity was “part of Iran’s continuing efforts to stoke discord, erode confidence in the US electoral process, and unlawfully acquire information relating to current and former US officials that could be used to advance the malign activities of the IRGC, including ongoing efforts to avenge the death of Qasem Soleimani, the former commander of the IRGC – Qods Force.”
The latest leak also raises serious questions about internal security among the most senior officials in the US. Brodsky added: “After a series of incidents that have raised serious questions, many people have been concerned about possible Iranian influence and infiltration in the US government, not to mention those with animus towards a key US partner Israel.”
Last year, US Iran envoy, Robert Malley, was suspended after what was described as his mishandling classified information. Malley was placed on unpaid leave and had his security clearance suspended, with the State Department still blocking all efforts to gather further information on the case.
Two influential congressmen suggested in May that Malley lost his security clearance because he had transferred classified documents to his personal email and cell phone, and the documents were then stolen by a hostile cyber actor.
It raises possible questions about the team he had around him who remain in place while the FBI investigates Malley.
Also last year, highly classified Pentagon documents were leaked online, once again risking relations with the country’s allies such as Israel, South Korea and Ukraine, revealing information about how the US spies on allies and foes alike.
Axios reported that US officials said the breach was extremely concerning for Washington.
On Sunday, Israeli officials were declining to comment on the matter while the country continues to fight Iran’s proxies across its borders.