Memos 
Live events & webinars 
Trend Reports
In recent years Israel has prided itself on becoming a cyberdefense superpower, including branding the southern city of Beersheba “the cyber capital of Israel.” But even so, outside hackers continue to take aim at Israeli institutions and organizations.
On Aug. 31, for instance, a computer intrusion occurred against the websites of the Haifa, Eilat, and Jaffa ports and the tourism site of Old Acre. Some reports claimed that it was Iranian hackers, but the Iraqi hacker group Al-tahrea claimed responsibility. Taking down the website apparently didn’t impact the activity of the ports themselves, but it served as a warning to the port operators and local authorities in the region.
At the beginning of September, hackers broke into the sewage system of Or Akiva and exposed the vulnerability of the system.
The chairman of the CEO forum of the Federation of Local Authorities, Doron Milberg, warned yesterday that the next attempts could endanger lives. “We have to prepare immediately and operationally for cyberattacks on local authorities. Don’t wait, prepare today for an attack on your systems, because if there will be an attack — we will be blamed. When lives are lost, we will be criminally liable. We all have a ton of work, but let’s prioritize defense of our computer systems from cyberattack as a top priority,” Milberg said.
Milberg’s remarks came two days after a similar warning from Mossad Chief David Barnea about Iranian and Iranian-sponsored terror activity.
Israel’s leadership in the cyber arena is seen in the numbers. 16% of global investments in cyber happen in Israel. In 2020, Israel cyber exports reached $6.85 billion and investment fundraising reached $2.9 billion. Last year, total investments stood at $8.8 billion.
Even so, Israel has recently experienced many computer intrusions that led to theft or leaks of data and to the stoppage of physical and virtual services.
Hackers struck organizations, companies and government entities from many fields, including: medical (Hillel-Yafeh hospital), financial services (Shirbit insurance company), website storage (Cyberserve), transportation (the Airport Authority, the Metropolitan Mass Transit System, the Port of Haifa), government (government websites), education (Bar-Ilan University), defense industry (the Israel Aerospace Industries), and even critical infrastructure (electricity, water, sewage). Iranian or Iranian-affiliated hackers claimed they hacked into the email accounts and cellphones of senior Israeli officials.
Various groups, mostly identified as originating in Iran or supporting the regime, ihave claimed responsibility, usually under Telegram accounts. However, Israeli-American IT security firm Check Point argues that the attribution to Iran is not certain in all these cases.
Computer intrusions have reached records in the past two years. The firm Kaspersky determined that in 2022 there was an increase of 400% in attempts to steal Israelis' passwords, compared to an increase of 25% around the world. Check Point reported an increase of 56% in the third quarter of 2022.
Calcalist journalist Omer Kabir wrote last December, “Externally, startups and companies facing the international market offer everything first class, the best and most secure products, creative and innovative solutions, the best personnel in the world. Internally, it’s third class. On a train. In India. In the 19th century.”
However, groups that experience cyberintrusions in Israel do not always report them to the authorities or to the public. Those that are reported usually become known because the attackers take public responsibility.
In many violations, the human element stands out as the weakest link in the chain of organizational information security, whether it’s by fooling users or a lack of strict adherence to protocol.
In light of these issues, Israel must increase awareness to cyber threats, and organizations must deepen the capacity to successfully manage such threats. Institutions and organizations must work to improve their preparedness for these events and their capacity to manage them at the moment they happen.
Moreover, experts warn that technology is not enough to deal with the threats facing organizations today. Israeli institutions and organizations must implement elements aside from cyberdefense into their systems: policies, psychology, a fitting legal structure, diplomacy, risk management and cyber risk insurance.
The diplomatic dimension got a concrete demonstration last week when Albania announced that it is severing its diplomatic ties with Iran after a July cyberintrusion. A report by Microsoft intelligence threat researchers found that the incident was connected to Iran’s attacks on Israel.
