Following the attacks on Israel by Hamas over the past days, when Prime Minister Benjamin Netanyahu warned Israelis “to brace themselves for a long and difficult war,” attention turns to those cybersecurity vendors located in the Israeli tech hub and how they may contribute to the war effort.
Chris Pierson, CEO of BlackCloak, believes Israel’s “substantive cybersecurity intelligence and strike capability” will serve it well, including having some of the best commercial cybersecurity companies in the world.
JP Castellanos, director of threat intelligence at Binary Defense, says that, particularly in light of potentially destructive attacks against IT or critical infrastructure, it is likely that Israeli cybersecurity companies will do all they can to help with the current crisis. “That means becoming more visible, not less,” Castellanos says.
Attacks Ramp Up During Wartime
On the cyber front of the Gaza crisis, hacktivists have already begun preparing targets and offering their wares to the highest bidders, who may be looking to cause politically motivated website disruption on public-facing services. And indeed, there was a wave of notable distributed denial-of-service (DDoS) cyberattacks on Oct. 7 and Oct. 8, including one attack which reached 1.26 billion daily requests, while another other reached 346 million daily requests on Oct. 7, and 332 million daily requests the following day.
“Looking at these DDoS attacks in terms of requests per second, one of the impacted sites experienced a peak of 1.1 million requests per second,” says João Tomé, content editor at Cloudflare.
But experts say they expect other kinds of attacks against companies and organizations in Israel to ramp up, carried out by both state-backed and non-state-backed operators with much larger arsenals than a DDoS botnet. Pierson for instance says the targets for attacks could be civilians as well as infrastructure and military targets.
“The most likely targets would be infrastructure as a whole – telecommunications, power, finance, and logistical transportation,” he says.
It’s already starting: Yossi Appleboum, CEO of Sepio Systems and a former member of the Israel Defense Force’s Unit 8200, says cyberattacks against his company had increased by 100% in the last week.
Carlos Perez, research practice lead at TrustedSec, says retaliatory cyberattacks become more common during geopolitical crises, but says that many of these risks have been ongoing for Israeli companies, and they will continue to be vulnerable, as we have seen in the past. However Perez believes some companies will be ready, others will not. “It depends mainly on business buy-in and budgets: they do get targeted with a larger volume of attacks than most organizations, which puts them at a higher risk level.”
Call in the Reservists
The Israeli military has summoned roughly 360,000 reservists — roughly four percent of Israel’s 9.8 million population. Thus, the question for many companies in the region, is whether this will lead to staff leaving their day jobs, and for cybersecurity vendors, whether that will affect cyber defense.
Pierson says he expects those with special cyber intelligence training to be called to augment military teams on the ground, and expects those who have previously served their country to volunteer help and assistance for the war effort — and that could impact some operations. However, he does not foresee a change in marketing or external presence activities for most cybersecurity companies in Israel at the moment.
Castellanos meanwhile believes with reservists being drafted, this would cause a momentary staff shortage until the conflict resolves. However, he adds that “in the case of cybersecurity vendors, I would imagine that Israel would take a balanced approach to this, because they certainly don’t want to weaken the very vendors who will be playing a critical role in protecting Israel’s national interests.”
For his part, Sepio’s Appleboum says some activities and features may be delayed or postponed due to staff shortages, but companies will prioritize what is important, “and this may affect current customers. Future planning can wait a bit.”