Israel currently ranks as the third most-targeted country in the world for cyberattacks
i24NEWS
3 min read
■
Four years after the cyberattack that crippled Hillel Yaffe Hospital, the vulnerabilities of Israel’s healthcare system remain glaring. Since the outbreak of the war in October 2023, Israel’s digital domain has turned into a front line: by year’s end, authorities recorded 3,380 cyberattacks, a 150% surge compared to previous years.
More than 800 of them carried “significant damage potential,” according to ynet.
Microsoft’s 2025 Digital Defense Report places Israel as the world’s third-most targeted country after the United States and the United Kingdom. It is also the leading target in the Middle East and Africa, absorbing more than 20% of attacks in the region.
Iran remains the most aggressive adversary, directing roughly 64% of its cyber activity at Israel in attempts to gather intelligence, disrupt services, and spread propaganda.
The techniques used are familiar but highly effective: exploiting unpatched vulnerabilities, using leaked or stolen credentials, and launching basic phishing schemes that grant direct access to internal networks. Despite the prominent role of state-linked actors, financial gain still drives most activity: data theft accounts for 80% of attacks, and more than half involve ransomware.
For Amir Preminger, CTO of the Israeli critical-infrastructure security firm Claroty, the scale of the threat can no longer be ignored. His team has tracked 136 claimed attacks over the past three years, including 34 aimed at essential infrastructure and eight targeting healthcare systems. “Hospitals face the same risks as any organization, but their rapid digitalization leaves them uniquely exposed,” he warns.
The exploited weaknesses are often depressingly basic: weak or reused passwords, overdue software updates, and outdated systems. Preminger identifies two main types of state-sponsored operations: high-impact attacks designed to cause maximum shock, potentially endangering patients, and long-term infiltration efforts intended to quietly siphon off sensitive medical data.
Artificial intelligence is amplifying the threat. “AI tools are enabling inexperienced attackers to scale up quickly,” Preminger says. Some autonomous agents can already execute complex sequences of cyber operations, while healthcare institutions adopt AI faster than they can secure it.
Despite the escalating danger, Preminger argues that regulation has fallen behind. The state possesses advanced cyber capabilities but has limited authority to enforce standards or assist private-sector organizations.
The path forward, he says, must include education, awareness programs, financial support, and mandatory baseline security requirements, before the next major attack hits the core of Israel’s healthcare system.
