Jerusalem, 25 February, 2026 (TPS-IL) — Israel’s National Cyber Directorate has reported a sharp rise in cyber threats over the past year, drawing attention to the growing challenges of protecting the country’s digital infrastructure. The Directorate, responsible for protecting critical systems, said 2025 saw a surge in targeted attacks on organizations, ranging from hospitals to software providers, as well as an unprecedented increase in public reports of cyber incidents.
The directorate’s annual report, released Wednesday, offers a detailed look at Israel’s cybersecurity landscape, including the types of threats, organizational vulnerabilities, investments in security, and the readiness of the nation’s critical infrastructure.
“The year 2025 has demonstrated even more clearly that there is no ‘ceasefire’ in cyberspace and that cyber is a central strategic front in national security,” said Yossi Karadi, head of the National Cyber Directorate. “The data show that every organization, system, and citizen is a potential target. Our primary mission—to protect critical infrastructure and ensure the continuous functioning of the State of Israel—remains essential.”
Most alerts were directed at specific organizations, while a smaller portion concerned the broader economy, designated groups, or the general public, mainly to warn against phishing and fraud attempts.
The Directorate’s 119 center, a hotline for reporting cyber incidents, received roughly 26,500 reports this year, marking a 55% increase compared with 2024. Phishing attacks accounted for more than half of these cases, followed by psychological operations and influence campaigns, hacking of social media and cloud accounts, and intrusions into computer systems. Activity peaked in June, after 12 days of war with Iran, when attacks surged well above the monthly average.
Notable incidents included an attempted disruption of the Shamir Medical Center in Be’er Yaakov during the Yom Kippur holiday, a cyberattack on a company providing information management services to nursing homes in November, and the deletion of servers at a cloud computing provider.
Investigations indicate that attackers primarily gain access through phishing campaigns, theft of legitimate user credentials, exploitation of weak or outdated systems, breaches of supply chains, and vulnerabilities in connected Internet of Things devices. Malware designed to steal passwords and sensitive information was also commonly used.
The surge was attributed in part to Iranian intelligence activity.
The figures were in line with a recent report by Radware, a U.S.-based cybersecurity company. The company’s annual report found that Israel faced more “hacktivism” — politically motivated cyberattacks — than any other country in 2025.
Hacktivists use cyberattacks as a form of political protest, typically targeting governments or institutions they oppose. Unlike state intelligence operatives, they tend to act openly, announcing targets in advance and posting screenshots of disrupted websites as proof of their campaigns.
Related Topics
