Jerusalem, 19 February, 2026 (TPS-IL) — Israel faced more politically motivated cyberattacks than any other country in 2025, according to a report released on Thursday.
“The top three most targeted countries were Israel (12.2%), the United States (9.4%) and Ukraine (8.9%). This distribution underscores the role of hacktivism as a proxy weapon in international conflicts, used to disrupt the digital infrastructure of perceived state adversaries,” said U.S.-based cybersecurity company Radware in an annual report.
The numbers are in line with figures released by Israeli authorities in mid-February revealing a sharp increase in Iran-linked cyberattack attempts targeting senior officials, academics, journalists, and other public figures.
The report, which drew on data from Radware’s protection services and monitoring of hundreds of public Telegram channels, tracked a form of digital aggression known as hacktivism — a term combining “hacker” and “activist.” Hacktivists use cyberattacks as a form of political protest, typically targeting governments or institutions they oppose. Unlike state intelligence operatives, they tend to act openly, announcing targets in advance and posting screenshots of disrupted websites as proof of their campaigns. Their primary weapon is the denial-of-service attack, which floods a website with artificial traffic until it collapses under the load.
Radware recorded 1,881 unique attack claims against Israeli targets in 2025. The report identified two moments that drove particular spikes in attacks. The first was Operation Rising Lion, Israel’s 12-day campaign of strikes against Iranian nuclear and military infrastructure in June 2025. According to the report, that operation caused the Israeli cyberthreat landscape to escalate significantly.
The second was the anniversary of the Hamas attack on Israel on October 7, which the report described as a recurring “rallying point for global hacktivists, transforming political symbolism into coordinated cyber campaigns.”
The most-mentioned hacktivist operation across Telegram in 2025 was #OPISRAEL, which accumulated 3,635 references — well ahead of campaigns targeting India, Ukraine and Spain. Among the specific Israeli domains repeatedly hit were the ministry of Defense website and the Bank of Israel’s online presence, both of which appeared on Radware’s list of the twenty most attacked internet domains worldwide.
The group most responsible for attacks on Israeli targets was NoName057(16), a pro-Russian collective that Radware described as the most prolific hacktivist actor in recorded history, claiming nearly 4,700 attacks across all its targets during the year. The group has operated continuously since Russia’s full-scale invasion of Ukraine in February 2022. According to Radware, its targeting of Israel reflects a broader alignment with anti-Western causes rather than exclusively Middle Eastern politics.
Europe bore nearly half of all claimed attacks worldwide in 2025, driven largely by the wars in ukraine and the middle East. The report counted roughly 16,000 unique hacktivist attack claims globally over the year, monitored across more than 400 Telegram channels.
Radware’s researchers noted that the groups behind these campaigns increasingly coordinate their timing with political events to maximize disruption and media attention, functioning less like underground criminals and more like ideologically driven online movements.
Related Topics
