Even mired in a messy war in Gaza, the “start-up nation” has some advantages not easily seen by the naked eye. Israel, with approximately one one-thousandth of the global population, is one of the top cyber powers in the world, both in the civil and military realms. Remarkably, Israel has been home to as many cyber startups as in the rest of the world combined, excluding the United States. And foreign direct investment in Israeli cyber security firms was likewise second only to the United States. The reasons for this make an interesting lesson.
From its earliest days, Israel viewed advanced technological capabilities as both an economic and a military imperative. Technological prowess was critical to economic development, which would in turn provide the basis for the qualitative military response with which Israel would seek to counter the existential hostility and overwhelming quantitative advantages of its adversaries. By the time the cyber revolution emerged, Israel was already a leading center of high-tech.
Cyber fit Israel like a glove. Compared to other industries, it has limited development and manufacturing costs and requires modest numbers of extremely talented personnel. Drawing on Jewish traditions of critical learning, Israel’s culture is highly similar to that found in the leading global high-tech firms: constant challenges to accepted norms, practices and wisdom; a refusal to take no for an answer; and consequent searches for new means of surmounting obstacles. You might call it “chutzpah gone viral.”
The Israel Defense Forces (IDF) and intelligence agencies have been the driving forces behind cyber innovation in Israel, creating demand for military applications and providing much of the knowledge and resources needed to fund their development by commercial firms. Many of these military applications have spawned civil ones, and numerous Israeli cyber firms were established by veterans of IDF cyber units. Approximately 100 veterans of Military Intelligence Unit 81, for example, the ultra-secret advanced technologies unit, established 50 startups in the decade after they were discharged, with a total valuation of over $10 billion.
Compulsory military service, a rarity among Western states today, may be the single most important source of Israel’s cyber prowess. Compulsory service enables the IDF and intelligence agencies to harness Israel’s absolutely brightest minds for a number of years, essentially for free, providing it with a cyber force comparable in size to that of a global superpower. Whereas, the National Security Agency, the primary American signals intelligence agency, has approximately 40,000 personnel, its Israeli counterpart, Unit 8200, has some 10,000—substantially smaller, but not by orders of magnitude. China’s National Cybersecurity School graduated 1,300 students in 2022; the IDF discharges a few hundred to 1,000 top-notch cyber experts each year.
Overall, the IDF trains some 10,000 soldiers a year in cyber-related programs, an indication of their subsequent impact on Israel’s high-tech sector generally. The highly competitive selection process begins in high school. The top 1 percent of graduates are offered the opportunity to enroll in Israel’s version of the American ROTC, to study computer science, mathematics, or engineering, prior to their military service. Another program puts the top 2 percent of high school graduates through a battery of tests, of whom just 10 percent pass and who are further winnowed down through grueling aptitude testing. Unit 81 is almost as selective; about 10,000 high school students meet the initial criteria each year, but only a few hundred are accepted.
Cyber education programs are available to Israeli students from sixth grade on and at every university in the country. Special adult education programs target underrepresented groups in the technological fields, including women, the ultra-Orthodox and Israeli Arabs, to provide them with the skills needed for employment in Israel’s lucrative cyber sector. The government also subsidizes academic scholarships, research grants and the commercial cyber sector.
Israel was one of the first countries to adopt a civil cyber strategy (actually, it is the only national security domain in which it has a formal strategy). Given the impossibility of defending every potential cyber target in Israel—essentially every individual and organizational user of computers—tailored defensive packages are only provided to critical infrastructure firms (e.g. power, water, communications). All others must make do with the general security guidelines and regulations issued by the Israel National Cyber Directorate. The strategy also includes a variety of means for promoting the national cyber ecosystem, through education, R&D and more. Given the global nature of cyber threats and opportunities, international cooperation is also central to the strategy.
On the military side, we know that Israel proactively prevents cyberattacks, but important parts of Israel’s military cyber strategy remain unknown. For example, how cyber weapons complement its conventional and strategic capabilities, whether they constitute a new means of implementing the “Begin Doctrine,” Israel’s long-standing vow to prevent any hostile state in the region from acquiring nuclear weapons, or whether cyber might constitute a new escalatory rung, below the nuclear level.
Unsurprisingly, little is also known of Israel’s offensive cyber operations, including in the war in Gaza. The Stuxnet attack against Iran’s nuclear program in 2010, reportedly a joint operation with the United States, still stands out as one of the most brilliant cyber operations ever and the first to cause physical damage. The bombing of Syria’s nuclear reactor in 2007 utilized cyber means to trick Syrian air defenses into believing that all was okay, even while the attack was underway. Israel and Iran have reportedly engaged in an ongoing exchange of cyber and kinetic attacks since 2021.
Israel is a primary target of cyberattacks. As in other forms of asymmetric conflict, Israel’s adversaries do not seek to cause a single catastrophic attack or a few of them but to weaken the nation through a long-term campaign. To date, Israel has successfully thwarted most of these attacks, which have targeted virtually every type of computer system, including critical infrastructure firms (electricity, water, communications), military targets, El Al, the Bank of Israel, universities, hospitals, government ministries, TV stations and more. Attacks have been carried out for disruptive and/or destructive purposes, espionage and terrorism, and information operations, including attempts to influence public discourse and the electoral system. Iran, Hezbollah and Hamas are behind most attacks, but Russia and China have been implicated too, and in some cases so have even close allies. One particularly ugly information attack in 2021 exposed the entire membership of Israel’s leading LGBTQ organization, including names, explicit pictures, sexual preferences and HIV histories. In another incident reported during the Gaza war, fake profiles on social media sought intelligence from hundreds, even thousands of IDF soldiers, by posing as attractive women ostensibly interested in romantic relationships.
Israel’s experience suggests strong, if not unequivocal, answers to some of the primary dilemmas facing cyber practitioners and theorists worldwide. First, it strengthens the contention that cyberattacks are less likely than physical attacks to escalate hostilities—or, at a minimum, that Israel and its primary adversaries believe this to be the case and act accordingly. Second, the limited number of successful attacks of significance against Israel to date, mostly against poorly defended targets, lends credence to the argument that the cyber realm, long considered to be offense-dominant, is increasingly becoming defense-dominant. Third, Israel’s experience strongly suggests that the advanced technological capabilities required to make truly effective use of the cyber realm, strengthen the capabilities of strong state actors, even more than they provide weaker states and non-state actors with new asymmetric capabilities with which to challenge them. Finally, it strongly supports the belief that cyber deterrence, defense and defeat are usually only effective when applied together with other sources of state power, not as stand-alone capabilities.
The sole blemish on Israel’s remarkable cyber story has been the sale of cyber espionage tools to authoritarian regimes (the “NSO scandal”), which used them for nefarious purposes. These sales did, however, play an important role in achieving the diplomatic breakthroughs leading to the strategically important Abraham Accords. In any event, Israel has cracked down on the firms involved to the point that they have largely been put out of business and replaced by American and Western competitors.
Foreign investment in Israel’s high-tech and cyber sectors has been hit hard by Prime Minister Benjamin Netanyahu’s “judicial overhaul” and by the war in Gaza. Netanyahu deserves credit for promoting Israeli cyber in its early years. Let’s hope he will not oversee its demise.
Chuck Freilich, a former Israeli deputy national security adviser, is a senior fellow at the Institute for National Security Studies and the author of Israel and the Cyber Threat: How the Startup Nation Became a Global Cyber Power and Israeli National Security: A New Strategy for an Era of Change.
Top Image: Members of the IDF using computers. Photo courtesy of the IDF spokespersons unit via Wikimedia commons.
