The Next Front?
Assessing Israel-Gulf Cybersecurity Cooperation
by Arnold Koka
International security is an ever-evolving field. In the Middle East, with tensions rising, there is a clear push to develop non-traditional means for dealing with non-traditional challenges. Cyberspace offers a particular operational theatre defined, in part, by: plausible deniability, difficulty in retaliation and the high cost-effectiveness ratio. These are very attractive for the actors involved in the low-intensity, war of attrition being waged between Iran and its asymmetric allies (on one hand) and Israel and the Gulf monarchies and their allies (on the other). Given the intersection of Israel’s and the Gulf Cooperation Council (GCC) countries’ security interests in tackling Iran’s activities, cooperation in cybersecurity is rapidly emerging as a key element in Israel-Gulf security dynamics.
The most recent example of such collaboration came in April 2021, when the United Arab Emirates’ (UAE) Signal Intelligence Agency (SIA) reported that it had shared intelligence with Israel over a cyberespionage campaign discovered in January 2021.[i] The campaign had been reportedly led by a cybercrime group called ‘Lebanese Cedar,’ allegedly tied to Hezbollah’s cyber unit, and had affected 250 companies worldwide, including in the United States, United Kingdom, Israel, UAE, Egypt and Jordan.[ii] This collaboration was seen as a reflection of a maturing relationship forged on the basis of the 2020 Abraham Accords, which formalised diplomatic relations between the UAE, Bahrain and Israel. Although the Accords have facilitated relations in the different fields, cyber partnerships between Israel and the GCC countries preceded the agreements and extended to countries out of the deal including, Saudi Arabia.
A Quiet Partnership?
A notable, early, case of cybersecurity cooperation occurred in 2012, when the Iranian-developed Shamoon virus hit Saudi Arabia’s oil giant Saudi Aramco and Qatar’s RasGas. A landmarking cyberattack that destroyed data from 30,000 devices connected to Aramco’s network, causing serious economic and brand damage to the company. As reported by high-tech entrepreneur and former Israeli parliamentarian, Erel Margalit, at that time, Israel’s cybersecurity firms assisted Saudi Arabia in dealing with the attack.[iii] The Saudi Arabia-Israel cybersecurity relationship also commenced in the counter-terrorism sector as Riyadh engages with the Israeli company IntuView, which uses artificial intelligence for mining intelligence from online texts, in order to monitor terrorist threats on social media channels.[iv]
In the UAE, Israeli cyber firms have provided services in the security sector for years. In 2008, the UAE signed a deal with AGT International, a Swiss-based Internet of Things (IoT) company, for a massive security and surveillance systems of its national borders, the Abu Dhabi area and the country’s oil facilities.[v] AGT International subcontracted the project to the Israel-based company Logic Industries, which provided the actual cyber expertise for its development. The company is reported to have regularly deployed its Israeli employees to the Emirates for professional reasons, although maintaining such moves undisclosed.
Discretion over Israel-Gulf ties was maintained due to the lack of political official ties—a condition which has now changed for the UAE and Bahrain. Previously, bilateral relations were filtered by pass-through companies located in Europe or the United States, that would later mandate the projects to Israel-based companies in order to provide the necessary cyber expertise. Such discrete cooperation highlights two relevant points: first, for the most part, the Gulf countries maintain a politically-generated position to Israel but, second, there has been — for sometime — a willingness, perhaps necessity, to adopt cybersecurity and IoT solutions from Israel—a major cyber actor globally. The scope of the now-disclosed collaboration hints at a wider presence of services provided by Israeli companies, as well as to a noteworthy financial flow tied to the cyber field.
Obstacles and Opportunities
As the Gulf states remain tight-lipped about their cybersecurity cooperation with Israel they have been able to strike a balance between their political and technological needs. However, this framework retarded:
Effective business-to-business collaboration;
Further developing a highly skilled cybersecurity workforce through joint training programmes;
Better performing cyber-intelligence between national agencies as well as national emergency response teams.
Against the backdrop of the Abraham Accords, such issues can be openly addressed and positive results may be forthcoming in terms of economics and security. The economic size of the cybersecurity market in the region is particularly relevant, with markets evaluations of between $8 to $15 billion annually, and projections assessing compound annual growth rates of between 12% to 14% by 2025.[vi] In 2019, Israel cyber exports amounted to $6.5 billion, while the UAE had estimated their cybersecurity market at $490 million.[vii] Bahrain’s cybersecurity market, which is relatively smaller, is likely to receive a boost as it is estimated that Manama’s Information and Communication Technology (ICT) investments will increase from $1.4 billion in 2019 to $2.1 billion by 2024.[viii]
Regardless of the markets’ specifics, the Gulf countries’ National Vision strategies, with their massive investment plans into the development of artificial intelligence and advanced technological capabilities, make room for further speculation over growth of economic opportunities related to the cyber field. The Gulf states aim to ensure an elevated level of cybersecurity seen as crucial for defending critical infrastructure and ensuring stable development of their national Vision plans. Despite grand projects of government digitalisation, smart cities and plans to become world-leading technological hubs, the Gulf countries still lack the necessary cybersecurity ecosystems, required to protect the related digital setups. Israel-Gulf cooperation could therefore play a key role in allowing the GCC countries to achieve resiliency of their critical infrastructure, counter cybercrime and properly address threats delivered by regional and international foes.
An Eye to the Future
Cybersecurity challenges faced by the Gulf states and shared by Israel stem from a number of state and non-state actors, although the most acute threat emanates from Iran’s budding cyber warfare capability. At present, Iran is engaged in talks in Vienna to resuscitate the Joint Comprehensive Plan of Action (JCPOA) with China, Russia, Germany, France, the UK, the European Union and the US. However, this should not be understood as an Iranian back-step in honing its other capabilities. Indeed, Iran’s cybersecurity threats will remain a persistent part of Tehran’s security toolbox because — as it is for others that engage in these dark arts — cyberspace offers an ideal environment for plausible deniability and for conducting low-intensity attacks. Iran’s cyber activities are destined to grow. Cooperation between the Gulf states and Israel in the cybersecurity field will, therefore, provide economic opportunities and a cybersecurity ecosystem, based on joint exercises, intelligence sharing and shared emergency responses practices. These will add a degree of sustainable stability to allow the wider region to more comprehensively develop. In other words, the future of the Middle East may be tied to cybersecurity cooperation and the Gulf-Israel relationship is the lynchpin.
27 April 2021
[i] Omer Benjakob, ‘Israel and UAE Shared Intel on Hezbollah Cyberattack’, Haaretz, 5 April 2021,