Meet Toka, the Israeli cyber firm founded by Ehud Barak, that lets clients hack cameras and change their feeds – just like in Hollywood heist movies
Omer Benjakob, Haaretz, December 26th, 10:13 AM IST
On January 10, 2010, Hamas’ point man with the Iranians, Mahmoud al-Mabhouh, was assassinated in Dubai. A month later, the local police force stunned the world – and Israel – by painstakingly piecing together hours of closed-circuit TV footage. The videos were combed to trace the 30 Mossad assassins’ steps and reveal their faces.
If Israel’s espionage agency had the technology currently being provided by the Israeli cyberfirm Toka 12 years ago, it’s likely the hit squad would have never been identified.
Toka was co-founded by former Israeli premier Ehud Barak together with the former Israel Defense Forces cyber chief Brig. Gen. (ret.) Yaron Rosen – and its capabilities are being revealed here for the first time.
The company sells technologies that allow clients to locate security cameras or even webcams within a given perimeter, hack into them, watch their live feed and even alter it – and past recordings – according to internal documents obtained by Haaretz and reviewed by a technical expert. Its activities are regulated by the Israeli Defense Ministry.
It was set up in 2018 and has offices in Tel Aviv and Washington. It works solely with state clients in government, intelligence bodies and law enforcement agencies, almost exclusively – but not just – in the West. According to the internal documents, as of 2021, the company had contracts with Israel valued at $6 million, and had also planned an “expansion of existing deployment” in Israel. Toka did not respond to Haaretz’s queries regarding its activities in Israel.
Niche operator
Cameras play a number of roles in regards to national security and defense.
Last month, Iranian hackers leaked footage of the deadly terrorist bombing that had taken place at a bus stop in Jerusalem the previous day. It was lifted from one of many security cameras installed by an Israeli security agency for surveillance purposes. According to the Israeli state broadcaster, Iran gained access to that camera a year ago. Toka’s product is intended for such scenarios, and much more: hacking into a camera network, monitoring its live feed and accessing its archive, and altering them – all without leaving any forensic trace.
While Israeli cyberoffense firms like the NSO Group or Candiru offer bespoke tech that can hack into popular devices such as smartphones and computers, Toka is much more niche, a cyber industry source explained. The firm links the worlds of cyberoffense, active intelligence and smart surveillance.
As well as co-founders Barak and Rosen, the company is run by two CEOs from the world of cyberdefense: Alon Kantor and Kfir Waldman. Among the firm’s backers are venture capitalists Andreessen Horowitz, an early investor in Facebook (its co-owner Marc Andreessen still has a seat on the Meta board; Meta is currently suing Israeli spyware maker NSO Group).
According to a company pitch deck obtained by Haaretz, Toka offers what it terms “previously out-of-reach capabilities” that “transform untapped IoT sensors into intelligence sources,” and can be used “for intelligence and operational needs.” (IoT stands for Internet of Things and refers here to web-connected cameras and even car media systems.)
Toka, per the documents, offers tools that allow clients to “discover and access security and smart cameras,” survey a “targeted area” and “stream and control cameras” within it over time, and target cars, to “wirelessly” provide “access” and extract what Toka terms “car forensics and intelligence” – in other words, the geolocation of vehicles.
The services are bundled together and Toka clients, the documents boast, will be able to gather visual intelligence from both “live or recorded videos.” They can even “alter feeds” of “audio and visual” recordings to allow “masking of on-site activities” during “covert operations.”
Security and web cameras have mushroomed in recent years and can be found everywhere: traffic intersections, street corners, malls, parking lots, hotels, airports and even our homes – from baby monitors to smart door buzzers. In order to broadcast a live feed that we can access via our phones or desktops, these cameras must connect somehow to the internet.
Toka’s system taps into these cameras and the different systems supporting them. This can be used for both operational and intelligence needs. For example, during a terror attack, a police force using the technology can remotely track the movement of fleeing terrorists across the city. It also allows covert collection and altering of visual data, which can be invaluable for military ops or criminal investigations.
Dystopian tech
In the 2001 heist movie “Ocean’s Eleven,” the elite crew led by George Clooney and Brad Pitt hack the closed-circuit TV system of the Las Vegas casino vault they are trying to break into, diverting its feed to a mock safe they built in a nearby warehouse. The casino security teams are effectively blind, giving the suave thieves time to crack the safe.
