A massive intelligence failure: Israeli security services surprised by Hamas attacks

More than one month after the gruesome attacks conducted by Hamas into southern Israel, questions still linger about how the Jewish state was caught off guard and what went wrong. Most fingers point to a failure to gather and use intelligence from the Gaza Strip, to the wave of low-level violence in the West Bank that shifted military resources there, and to the political chaos in Israel.

A feature story published by Associated Press starts from the premise of the past few years: the border between Israel and the Gaza Strip was highly secured, with plenty of security cameras and soldiers on guard. Intelligence agencies were known to work sources and cyber capabilities in order to extract the information needed to keep the situation calm.

But Israel’s eyes appeared to have been closed in the lead-up to an unprecedented onslaught by the militant Hamas group, which broke down Israeli border barriers and sent hundreds of terrorists into Israel to carry out a brazen attack that has killed 1,400 people, mostly civilians, and pushed the region toward conflict.

Israel’s intelligence agencies have gained an aura of invincibility over the decades because of a string of achievements. Israel has foiled plots seeded in the West Bank, allegedly hunted down Hamas operatives in Dubai and has been accused of killing Iranian nuclear scientists in the heart of Iran. Even when their efforts have stumbled, agencies like the Mossad, Shin Bet and military intelligence have maintained their mystique.

But the October 7 assault, which caught Israel off guard on a major Jewish holiday, plunges that reputation into doubt and raises questions about the country’s readiness in the face of a weaker but determined foe.

“This is a major failure,” said Yaakov Amidror, a former national security adviser to Prime Minister Benjamin Netanyahu. “This operation actually proves that the (intelligence) abilities in Gaza were no good.” Amidror declined to offer an explanation for the failure, saying lessons must be learned when the dust settles.

Israel withdrew troops and settlers from the Gaza Strip in 2005, stripping it of a close handle on the happenings in the territory. But even after Hamas overran Gaza in 2007, Israel appeared to maintain its edge, using technological and human intelligence. It claimed to know the precise locations of Hamas leadership and appeared to prove it through the assassinations of militant leaders in surgical strikes, sometimes while they slept in their bedrooms. Israel has known where to strike underground tunnels used by Hamas to ferry around fighters and arms, destroying miles of the concealed passageways.

Despite those abilities, Hamas was able to keep its plan under wraps. The ferocious attack, which likely took months of planning and meticulous training and involved coordination among multiple militant groups, went under Israel’s intelligence radar.

Amir Avivi, a retired Israeli general, said that without a foothold inside Gaza, Israel’s security services have come to rely increasingly on technological means to gain intelligence. He said militants in Gaza have found ways to evade that technological intelligence gathering, giving Israel an incomplete picture of their intentions.

“The other side learned to deal with our technological dominance and they stopped using technology that could expose it. They’ve gone back to the Stone Age,” said Avivi, who served as a conduit for intelligence materials under a former military chief of staff. The Hamas militants weren’t using phones or computers and were conducting their sensitive business in rooms specially guarded from technological espionage or going underground. But Avivi said the failure extends beyond just intelligence gathering and Israel’s security services failed to put together an accurate picture from the intelligence they were receiving, based on what he said was a misconception surrounding Hamas’ intentions. Israel’s security establishment has in recent years increasingly seen Hamas as an actor interested in governing, seeking to develop Gaza’s economy and improving the standard of living of Gaza’s 2.3 million people. Avivi and others say the truth is that Hamas, which calls for Israel’s destruction, still sees that aim as its priority.

Allies who share intelligence with Israel said security agencies were misreading reality. An Egyptian intelligence official said Egypt, which often serves as a mediator between Israel and Hamas, had spoken repeatedly with the Israelis about “something big,” without elaborating. He said Israeli officials were focused on the West Bank and played down the threat from Gaza. Netanyahu’s government is made up of supporters of Jewish West Bank settlers who have demanded a security crackdown in the face of a rising tide of violence there over the last 18 months. “We have warned them an explosion of the situation is coming, and very soon, and it would be big. But they underestimated such warnings,” the official told AP.

In a conference organized by the Council on Foreign Relations, former US diplomat Martin Indyk, described the situation as ”total system failure”. ”What happened here? Total system failure. It was a complete surprise. Hard to believe, given the way that Israel has penetrated all forms of communication in Gaza. Failure to prepare. Failure to have troops along the border. Failure of the fence along the border that they paid billions of shekels for. Failure—once the Hamas infiltrators came across, grabbed Israeli civilians and soldiers, failure to capture them; they went back into Gaza without being apprehended. It is hard to explain, but it is the combination of that with the sense that this was a dysfunctional government of the far right that placed greater emphasis on protecting settlers in the West Bank than it did on protecting kibbutzniks on the border with Gaza”, said Indyk, who served as a special envoy for Israeli-Palestinian negotiations during the Obama administration

Israel has also been torn apart by political chaos over steps by Benjamin Netanyahu’s far-right government to overhaul the judiciary. Netanyahu had received repeated warnings by his defense chiefs, as well as several former leaders of the country’s intelligence agencies, that the divisive plan was chipping away at the cohesion of the country’s security services.

Indyk said internal divisions over the legal changes was an aggravating factor that contributed to the Israelis being caught off guard. “That roiled the IDF in a way that we discovered was a huge distraction,” he said.

From ”gold standard” to massive lapse

Bloomberg gathered opinions from former US Intelligence officials, who had their scheduled annual meeting on 7 October, just a few hours after the terrorist attacks. So conversations were shifted to the shock of the attack against Israel, why its government was unprepared for the onslaught, and to what might come next.

Former CIA directors Michael Hayden and David Petraeus framed the attack as a massive intelligence lapse in a country that is widely regarded as the “gold standard” for espionage. Israel has spent decades developing complex spy operations, spanning deep networks of informants, sweeping surveillance and, more recently, spyware that can turn cell phones into listening devices. The country stood up its defense force’s Unit 8200 — Israel’s military cyber operators — in the wake of the intelligence failure that preceded the Yom Kippur war, which began almost exactly 50 years before the operation by Hamas. Today, Unit 8200 is the military’s largest intelligence division in the Israel Defense Forces.

Petraeus put the spotlight “in particular” on Shin Bet, Israel’s internal security service. And he indicated Mossad, the country’s external intelligence agency, may have also failed to pick up on regional aspects, and questioned why the Israeli military was not ready.

Norman Roule, a former national intelligence manager for Iran at the Office of the Director of National Intelligence, blamed an “international intelligence failure.” The US, UK and EU all have a responsibility to understand what went on, he said.

Beth Sanner, former presidential intelligence daily briefer, said the Israeli government appeared to have dismissed strategic warning signs of restlessness inside Gaza and failed to understand the imminent, serious nature of the threat. “They fundamentally misunderstood the goals, objectives and capabilities of Hamas,” she said.

Others think that failures may lie far beyond intelligence. Jeffrey Wells, a cyber intelligence expert and visiting fellow at George Mason University, said Israel may have simply had too much on its plate — focusing on Hamas, and on Hezbollah, and on Lebanon, Iran and potential threats from Syria, as well as the growing demands for security in the West Bank amid the expansion of settlements.

Two scenarios for analysis

The Center for Strategic and International Studies (CSIS) came up with an analytic approach about the issue, in a commentary published by Emily Harding on October 11. The explanation of the intelligence failure might be based on two different scenarios: (1) the information was there but was ignored or misread; (2) there was a complete lack of information.

”The first question investigators will ask is whether Shin Bet, Mossad, and the Israel Defense Forces issued warnings of an impending attack. Were warnings specific and actionable, or too general? (...) The intelligence community knew plotting was ongoing, but the warning was too general to result in decisive, preventive action or improved defenses. Policymakers often expect precision: an attack by this entity will occur at this place at this time. Rarely—if ever—does a picture that clear come together. The Hamas assault on Israel may turn into a case of nonspecific warning: some reports indicate that U.S. and Israeli intelligence were watching for rising tensions, but there was no precise warning of an impending attack. The New York Times reported that Israeli intelligence issued a specific warning to border guards immediately before the attack, flagging a surge in activity, but those warnings went unheeded for unclear reasons”, according to CSIS.

Next, investigators will examine whether their services had collected information on the potential attack and were holding it in their systems. If that search turns up information pointing to an impending attack, the next question is why the information in question did not prompt a warning. Was it translated and disseminated? Did analysts read it? If not, why not? If they did read it, why did they discount its importance? If information was there, and analysts missed it or dismissed it, the intelligence services face the most painful outcome: an analytical failure brought on by human error. These are often failures of imagination, where analysts know something is coming, but they neglect to think as big and as ruthlessly as their adversary. If this is the case, the organization needs to carefully consider retraining staff and initiating cultural or staffing changes.

The second scenario assumes that the search for information comes up dry, or the results are quite thin—thin enough that no rational analyst could have connected the dots to warn of a massive Hamas attack, much less on a certain day. Then, the investigators need to explore whether this failure came from collection gaps.

It is certain that Israeli intelligence services planned for multiple routes of entry: SIGINT, phone and internet tapping to read the adversary’s communications; IMINT, overhead images of adversary activity; and HUMINT, human sources reporting on the inner workings of an adversary. But it is possible that Hamas closed all the gaps.

Gaza is a closed society, and Hamas is in charge of most things. Someone spying for Israel would risk both death and the safety of their entire family. It is possible that human sources were either not reporting or had been discovered.

Regarding SIGINT, Iran might have provided assistance with cyber defense, much like Tehran provides rocket technology and financial aid to Hamas. It is possible that in the run-up to such a large operation, Hamas, with Iran’s help, undertook an extensive cyber cleanup campaign.

Further, Hamas engaged in a classic denial and deception scheme. On a line they knew was monitored by the Israeli services, they talked to each other about how they were not eager to renew hostilities and were still recovering from the two-week conflict in May 2021. The scheme worked: in a briefing for senior Israeli security officials in the week preceding the attacks, briefers assessed that Hamas had been effectively deterred.

Hamas might have kept the planning circle for the attack very small, and when it needed to expand to include all the players, they almost certainly compartmentalized the planning. The paragliders likely had no idea about the pending rocket attack; the amphibious operators likely were unaware of the effort to breach the border wall. Only a small number of people would have known the full extent of the plan, and they would have been careful to discuss it only in person, with cell phones outside the room.

Ray Takeyh, Senior Fellow for Middle East Studies with the Council on Foreign Relations suggests that the fault might lie with the political side: ”All governments after a disaster do a commission to figure out what happened. And you will see in those analysis that information was available about this sort of thing coming up. It’s not so much the lack of information being available regarding Hamas mobilization, it’s how was that information interpreted, and why does senior political officials ignore it? Because in almost every case of intelligence failure—and I have looked at particularly the 1979 Iran Revolution—there is a lot of information available about impending problems. But somehow that information is not digested by political leaders in a timely effective way. And they turn around immediately and say intelligence failure”.