The Israel National Cyber Directorate’s annual report shows a significant 43% increase in cyber incident reports to the Directorate’s 119 hotline in 2023 compared to 2022. Additionally, the report highlights that 800 cyber incidents with significant potential damage were either prevented or thwarted between October 7th and December 31st, 2023. The report details key trends and attacks during the war period and showcases the Directorate’s active defense activities, data on the state of the cyber industry, human capital, and technological projects.
According to the report, out of 13,040 reports that came from organizations and citizens to the Directorate this year, approximately 68% were received during the “Iron Swords” war period. 41% were related to breaches of social media and WhatsApp accounts (2.5 times more than last year), around 25% involved phishing attempts, and 13% were related to intrusions into computer systems. The remaining reports were related to system vulnerabilities (9%), malware (3%), disruption of operational continuity such as denial-of-service attacks (2%), and GPS disruptions(2%)
A significant portion of the report is dedicated to the war period, during which there was an increase in cyberattacks that shifted from focusing on influence and data leakage to causing disruption and damage. As the war progressed, more attack groups affiliated with Iran and Hezbollah were identified. The report also details the Directorate’s activities during this period, including efforts to reduce vulnerabilities in hospital systems and control systems in the energy and water sectors, boosting resilience in approximately 160 local authorities and supply chain entities, enacting emergency legislation, investigating crypto wallets, and more.
Furthermore, during the war period from October 7 to December 31, the Directorate handled approximately 800 significant cyber incidents, most of which were mitigated without damage while maintaining operational continuity. An analysis of the sectors that identified the most attacks or attempts indicates that companies providing digital services were the preferred targets over the past year due to their ability to reach multiple organizations simultaneously. Other key sectors targeted included telecommunications, government, financial, and local authorities.
The report details several major flagship projects of the Directorate in collaboration with tech giants Google, Microsoft, and Amazon to establish defense systems, information sharing, and national-level attack monitoring.
The report’s data show that as part of active defense activities, the Directorate removed more than 2,500 malicious phishing infrastructures, handled nearly 1,000 specific security vulnerability reports in organizations, signed 72 CVEs (Common Vulnerabilities and Exposures), and issued over 367 alerts.
Additionally, the report provides an overview of the Israeli cyber industry, noting that despite a significant decline in investments in various high-tech sectors in Israel and worldwide over the past two years, the decline in investments in Israeli cyber companies was relatively lower. Thus, 8 out of the 10 largest “exits” (over $100 million) of Israeli companies this year were in the cyber sector, with cyber exits totaling approximately $2.8 billion, accounting for 80% of all high-tech exits in Israel this year.
According to the DG of the National Cyber Directorate, Gaby Portnoy, “In 2023, there was a significant improvement in the ability to defend the Israeli cyberspace as part of a shift in the Directorate’s approach and rapid actions for broad defense during the war. The year 2024 will be marked by continued preparedness, alongside expectations for improved cyber capabilities and an increased willingness of our adversaries to conduct attacks causing damage to the civilian front.”
