Breaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa.

Israel Battles Spike in Wartime Hacktivist, OT Cyberattacks

Israel's cybersecurity industry made strides in the past year despite the backdrop of the war in Gaza.

The Israel flag with binary code running over it
Source: Birgit Korber via Alamy Stock Photo

For Israel, 2023 will be remembered as the beginning of the war in Gaza after the devastating Hamas terror attacks on Oct. 7. The conflict spread to the cyber realm, with hacktivists on both sides declaring their intentions to conduct cyberattacks. But the impact of the war also affected the cybersecurity industry directly when the Israeli military summoned around 360,000 reservists — roughly 4% of Israel's 9.8 million population — who left their regular jobs to join the military operation.

Cybersecurity experts that Dark Reading spoke with at the time predicted this could affect the way Israeli businesses operate, potentially leaving some organizations vulnerable to cyberattacks or even delaying the rollout of products. Ofer Schreiber, senior partner and head of the Israel Office at YL Ventures, says some companies he works with still currently have some staff in active reserve duty.

"For Israelis and for people who know our economy, we look at [the war] as a short-term thing as it is a tragedy, but from a business perspective we had disruption for a few weeks, but we are known for our resiliency," he says.

Many companies that Schreiber works with in Israel have expanded to Europe and the US, he says, and senior leadership is often based outside of Israel, so they were not affected by the military call-up. He says the result has been that "the impact on customers is almost negligible."

Under Constant Cyberattack

There were a number of notable cyberattacks against Israel before October. These included distributed denial-of-service (DDoS) attacks launched on Israel's Independence Day, and physical attacks on the nation's water controllers.

The attacks on Israel's operational technology (OT) and critical infrastructure were some of the most significant cyberattacks of the year, particularly when Israel's National Cyber Directorate warned that the Polonium group had targeted critical infrastructure sectors, including water and energy, in December.

Lior Frenkel, chairman of the Cyber Forum at the Israeli High-Tech Association and CEO of Waterfall Security Solutions, says cyberattacks against OT worldwide — including those with what he calls "physical consequences," such as shutdowns and damage done to equipment — are continuing to increase, with the number of detections doubling every year.

In fact, Waterfall's "2023 Threat Report" reports a 140% increase in attacks worldwide with "physical consequences" affecting over 150 industrial operations. "At this rate of growth, we expect cyberattacks to shut down 15,000 industrial sites in 2027," according to the report.

Frenkel notes that cyberattacks with physical consequences "and no ransom demands" are increasing even faster than ransomware attacks. Some 10% of attacks in 2023 that impaired operations "appeared to be politically motivated, with no ransom demand," he says.

Steps Forward

If there was a positive outcome from these increased attacks on Israel's OT systems, Frenkel says, it's that CEOs and management now better understand the challenges faced by security teams, and they realize "it is not a risk, it is not an idea: These are things that are happening again and again."

CEOs are seeing their peers being attacked, having to pay ransoms and fixing vulnerabilities after exploitation, and no CEO wants to be on their website apologizing for the incident afterward, he says.

Because of the attacks and direct impact on Israeli businesses, he says CEOs are now more receptive and more understanding of Israel being more of a target than other countries, "and because we are really small, we don't have a lot of redundancy in infrastructure — if you take out one power plant, it's a really big hit, but in a bigger country it wouldn't be such an impact."

There was other positive news for Israel on the cybersecurity defense front: Israel and the United Arab Emirates (UAE) worked together on a threat intelligence-sharing platform to battle cybersecurity threats, and a few days later, news came that Israel had aided the UAE in defending against a DDoS attack.

The acquisitions of Israeli OT cybersecurity companies by Tenable, Microsoft, and Honeywell also added a boost to the country's cyber industry, and Amichai Shulman, venture adviser at YL Ventures, believes these deals will probably fuel yet another cycle of new investments, as well as new companies built by serial entrepreneurs.

Asked if the Israeli cybersecurity industry is in a strong place now, Shulman says the only other industry "showing good performance this year" was defense. Meanwhile, there also are new Israeli companies "trying to tackle new domains" including low/no code application security, secrets management, and cloud incident response, he notes.

Both Shulman and Schreiber say that so far there has been no new innovation in OT security in the wake of the acquisitions of Israeli vendors in that sector. They expect that an increase in OT cyberattacks could, however, lead to more demand for improved OT security and protection.

About the Author(s)

Dan Raywood, Senior Editor, Dark Reading

With more than 20 years experience of B2B journalism, including 12 years covering cybersecurity, Dan Raywood brings a wealth of experience and information security knowledge to the table. He has covered everything from the rise of APTs, nation-state hackers, and hacktivists, to data breaches and the increase in government regulation to better protect citizens and hold businesses to account. Dan is based in the U.K., and when not working, he spends his time stopping his cats from walking over his keyboard and worrying about the (Tottenham) Spurs’ next match.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights