Saturday, January 18, 2025

The Inner Workings of Israel’s Cyber Security Missions

Israel’s cyber security operations are based in Be’er Sheva, the largest city in southern Israel’s Negev desert. The Cyber Emergency Response Team (Il-CERT) provides immediate assistance to companies and citizens affected by cyber attacks. The CERT is part of a cyber security hub that includes startup companies, Ben Gurion University of the Negev, high-tech labs, and the Israel Defence Forces’ cyber campus.

There are seven Security Operation Centers (SOCs) alongside the CERT, focused on monitoring and detecting cyber threats in sectors like water, energy, public services, and law enforcement. The CERT operates an emergency hotline (119) for reporting any cyber-related concerns, including suspicious emails or malware. By analyzing incidents, the CERT can identify trends and prioritize responses.

Dana Toren, the executive director of the CERT, oversees its operations and emphasizes the importance of responding to incidents based on their national impact. The team received 13,000 incident reports last year, with a notable increase in attacks against Israeli companies during the conflict with Gaza.

The CERT has observed a shift in cyber attacks targeting Israeli infrastructure, with ransomware attacks and data leaks becoming more frequent. Iranian-backed groups are identified as the main cyber threat, aiming to cause significant damage. Despite challenges in attributing attacks, the CERT focuses on defensive measures to protect industries and critical infrastructure.

Increased collaboration and information sharing among organizations are vital in addressing cyber threats. The CERT provides guidance to affected parties, conducts vulnerability scans, and works on enhancing cyber defenses through projects like Cyber Dome. This initiative aims to use advanced technologies like AI and big data to detect and prevent cyber attacks in real time, while also fostering international partnerships in cyber security.