Israel has foiled dozens of cyber attacks by Iran over last year, IDF says

An increase of 70% of hostile activity was recorded over the past year by Iran. Here's how Israel is fighting back.

The IDF’s Cyber Defense Directorate C41 Directorate. (photo credit: IDF SPOKESPERSON'S UNIT)
The IDF’s Cyber Defense Directorate C41 Directorate.

The IDF’s Cyber Defense Directorate has thwarted close to two dozen cyber attacks against the Israeli military in the past year.

The IDF’s Cyber Defense Directorate (credit: IDF Spokesperson's Unit).

The IDF’s network, said to be the largest in the Middle East, is constantly being threatened, and the military has identified an increase of 70% in hostile activity in recent years. Though the majority of attacks were identified and thwarted ahead of time, the significant increase in attempts worries the IDF.

"In the past year, the IDF thwarted dozens of attempts by Iran to carry out cyber-attacks. The IDF and the defense community have developed groundbreaking capabilities to defend against our enemies."

Senior IDF official

“In the past year, the IDF thwarted dozens of attempts by Iran to carry out cyberattacks,” said a senior IDF official on Wednesday. “The IDF and the defense community have developed groundbreaking capabilities to defend against our enemies.”

Israel, cyber threats and Iran

Iran has placed Israel as a top priority target in the cyber sphere – of more than 20 different cyber units, 10 specifically operate against Israel. Tehran invests many resources in developing offensive cyber power to use for various purposes.

One of Iran’s main goals is to influence the Israeli public, and the Islamic regime has attempted to attack civilian targets that do not have any operational value and would not cause any real damage to the State of Israel or the IDF. Their only purpose is to cause and spread fear.

Nevertheless, Iran has carried out several attacks that caused damage to the state, and it is believed that they may try to influence Israel’s upcoming election.

When did Iran start using cyber to attack Israel?

The opening shot of Iran’s cyber campaign against Israel was when the IDF thwarted an attempt to attack the country’s water desalination system in April 2020. Since then, there have been numerous attempts to attack Israeli systems, including the successful attack on the Hillel Yaffe Medical Center in Hadera in October 2021.

The massive ransomware attack on the medical center. initially thought to be by a Chinese hacker group, saw Iran break into its network, encrypt its data, and then demand a ransom to unlock it.

Meet Israel's C4I Directorate

A few days after the attack, troops from the Cyber Defense Division in the C4I Directorate began working to disable the encryption. Using their technological capabilities, the troops were able to reach a breakthrough and remove the threat.

But Iran is not the only actor attempting to attack the IDF’s network. Hezbollah and Hamas are both said to have cyber capabilities as well.

The IDF struck a building in 2019 housing a Hamas cyber unit’s headquarters in response to an earlier attempted cyberattack by the group, marking the first time that the military carried out a strike in response to a cyberattack.

Two years later, during Operation Guardian of the Walls in May 2021, the Israeli military said that it had struck two targets in the Gaza Strip that housed centers for Hamas cyber operations.

The IDF bombed a building it believed to be the Hamas cyber unit’s headquarters in what security experts described as the first kinetic response to a cyberattack.

So what does the C41 Directorate do?

The C4I Directorate and Cyber Defense Division are only responsible for the military’s network. Civilian or national assets are under the responsibility of the National Cyber Directorate and the Shin Bet, but the C4I Directorate and Cyber Defense Division provide support if asked to.

The IDF’s Digital Transformation Division was formed in 2019 to take all the potential in the civilian world and bring it to the military. As part of the C4I and Cyber Defense Directorate, the division leads the military’s digital innovation programs to connect all divisions in the IDF and provide them with modern infrastructure.

Over the past two years, the division has developed a number of programs that provide high-quality, reliable, and real-time intelligence accessible to all command levels in order to significantly strengthen the effectiveness of troops.

One program, dubbed “Maestro,” can provide thousands of real-time targets to officers as well as the most effective way to strike them. Used in Operation Breaking Dawn this past year against Palestinian Islamic Jihad, the program allows for a synchronized and lethal operation.

The IDF has also carried out a comprehensive modernization process, with the aim of improving the rate of data transfer for the military. This is to increase the IDF’s ability to strike targets at a high rate in a short time to achieve operational objectives.

In 2017, the IDF opened the Spectrum and Cyber Defense Division in order to protect the military and all of its platforms and operations.

The classified division – made up of a defense operations center, a defensive intelligence center, a prism center, and a spectrum warfare center – has developed diverse intelligence and technological capabilities to give the IDF cyber superiority against attackers.

The dangers posed by cybercrime and cyberterrorism have been characterized as significant worldwide threats. Israel’s military has understood that both state actors and terror groups have the motivation and capabilities to do significant damage to the state and critical infrastructure.

The Digital Revolution has changed how the world, including militaries, operates.

The precision missile, the tank on the battlefield, the plane in the air, and even the soldier on the frontlines are online and connected. Digitalization has become an essential element in the Israeli military and its operations.

As such, the IDF has recognized that it is difficult to protect all of its systems from hostile actors, who are trying to exploit the connectivity to their advantage and obtain classified IDF data.

Troops in the C4I Directorate work around the clock to counter and deter all types of threats posed to Israel. They are responsible for all computers and communication of IDF troops on the battlefield, and all cyberdefense in the military.