Israel was the most targeted country in the world for geopolitically motivated cyberattacks last year, according to new data from Radware’s 2026 Global Cyber Threat Report. The company says Israel absorbed 12.2% of all politically motivated cyberattacks worldwide, reflecting a sharp escalation in digital hostilities linked to global conflicts.
According to Radware’s 2026 Global Cyber Threat Report, there was a 168% surge in DDoS attacks and an increase of more than 120% in application-layer attacks.
DDoS Activity Jumps 168%
For many Israeli organizations, cyberattacks have become a daily occurrence rather than an exceptional event. In the Radware report, ideologically motivated groups were found to carry out sustained campaigns throughout 2025, frequently claiming responsibility in real time on Telegram.
The company recorded around 16,000 unique attack claims from such groups over the course of the year.
The report highlights a dramatic rise in network-layer distributed denial‑of‑service (DDoS) attacks, with attacks surging by 168% in a single year, marking one of the steepest jumps Radware has observed. In the second half of 2025, “the average Radware customer experienced more than 25,000 such attacks, illustrating the shift from isolated incidents to a persistent attack environment,” the report said.
Targets of ongoing denial-of-service (DoS) campaigns included government websites, critical infrastructure, and commercial companies across multiple sectors. Some of the attacks were claimed in real-time on Telegram channels.
Application-layer attacks, AI-driven bot activity surge
Attackers also intensified their focus on the application layer, where websites, APIs, and digital services operate. Radware recorded a more than 120% increase in malicious activity at this level compared to the previous year.
The company called this “the primary battlefield” because application‑layer attacks directly disrupt business systems and customer operations, sectors such as technology, telecommunications, financial services, and e‑commerce were among the hardest hit. Many attacks now last under a minute, making manual detection nearly impossible and pushing organizations toward automated, real‑time defenses.
Malicious bot activity grew 92% in 2025, fueled in part by the accessibility of generative AI tools. Radware says these tools enable attackers with limited resources to launch large‑scale automated campaigns, including account-takeover attempts, data scraping, and repeated login attacks.
Experts warn of a new phase in cyber conflict
“The threat landscape is evolving rapidly,” said Ron Meyran, Radware’s Vice President of Threat Intelligence. “Attackers are now combining automation, artificial intelligence, and multi‑vector strategies to disrupt operations at scale. Organizations must adopt automated defenses capable of responding in seconds, not minutes.”
Radware expects the patterns seen in 2025 to persist in the coming years. The company predicts continued growth in application‑focused attacks, automated bot activity, and the use of cyberspace as a tool in geopolitical conflict, developments that are likely to shape the operating environment for organizations worldwide.