3-Year Iranian Influence Op Preys on Divides in Israeli Society

A yearslong influence operation by Iran has been stoking the flames of social, cultural, and political unrest in Israel.

The scheme has had three distinct phases. The first, which began three years ago, pitted Israel’s ultra-Orthodox and LGBTQ+ communities against one another. The next focused on embittered political discourse between the left and right. The third campaign, still ongoing, is focused on Israel’s war with Hamas.

In its new report, Recorded Future’s Insikt Group determined — based on behavioral and contextual evidence and overlaps with prior reporting from Microsoft, Israel’s Shin Bet internal security service, and the newspaper Haaretz — that the operation is perpetrated by a likely Iranian state-backed advanced persistent threat (APT) it calls “Emerald Divide” (aka Storm-1364).

Three Years of Iranian Influence Ops in Israel

Like Russia and China, Iran seeks to capitalize on existing divides to foment unrest in its enemy nation.

Emerald Divide’s efforts began in 2021, using generative AI and social media to impersonate rabbis. For example, the group created a YouTube channel on behalf of the well-known Rabbi Shlomo Amar, mixing real videos of the man with faked speeches about homosexuality and women over still imagery. Emerald Divide then used accounts purporting to align with the LGBT+ movement to post fake criticisms of the fake rabbi comments it itself generated. This counterfeit echo chamber purportedly inspired one individual to display an Emerald Divide poster in Tel Aviv’s busy Rabin Square.

Emerald Divide sensed an opportunity in 2023 when Israelis took to the streets by the hundreds of thousands to protest backslides for the judicial system. It shifted to focus on the political left versus right, with a campaign similar to the first — social media accounts to support both sides — save for a few additions. Notably, this operation harvested protestors’ personally identifying information (PII) by directing them to fill out a Google form. “Protests are expanding and continue to grow and we need new partners! Want to cooperate for a better future of the country? Please fill out the form,” the form read.

Emerald Divide’s most recent, ongoing campaign, like so many other influence operations since Oct. 7, focuses on Israel’s war with Hamas. It has repurposed some of the same Telegram accounts used for the first two operations, this time to sow distrust in and anger towards the government.

Iran vs. Russia: Quality vs. Quantity

Unlike Russia’s armies of uncountable social media bots, Emerald Divide currently maintains what’s called a coordinated inauthentic behavior (CIB) network of just more than 250 online accounts, including seven primary Telegram accounts. This isn’t because of some major takedown: In its history, it has used only 16 such primary accounts.

“When it comes to overall size and scale of the operation, we wouldn’t consider it small by any means,” says Sean Minor, team lead for influence operations research in Insikt Group. “But it’s certainly not a massive campaign like we’ve seen from other nation-states.”

In some ways, this more focused approach has proved fruitful. One of Emerald Divide’s ongoing accounts, “Tears of War,” enjoys an audience of around 2,000 subscribers. And, Minor says, the fact that a follower posted one of its posters in a public square signals that this group is achieving more than most. “It’s a little bit different from other campaigns we’ve seen, which are a bit more ephemeral — we can’t really tie them to physical action by the target audience. This one seems a little different,” he says.

Whether by quantity or quality, these influence operations may only grow stronger as governments and organizations struggle with real, practical steps to stop them.

“It starts with awareness, and then from awareness, governments can engage private companies to discuss what they’re seeing and increase their collaboration,” Minor says. “Hopefully, this broadens the aperture and provides more organizations the ability to track whether or not this network will change over time, which we assess that it will, as it has in the past.”
