Originally published in the National Cyber Directorate Newsletter, Israel
Cyber defense for critical infrastructure has become an increasing challenge in an era of sophisticated attacks and expanding threats.
Power plants, water systems, electrical grids, and industrial facilities have become prime targets for nation-state attackers, organized crime groups, and even terrorist organizations.
These attacks are not limited to economic damage - they can threaten national security, public health, and sometimes even human lives.
One of the most notable incidents was the cyberattack on Colonial Pipeline in the U.S. (2021), which caused a widespread fuel supply shutdown and highlighted the vulnerability of vital infrastructure to digital threats.
In Israel as well, attacks on critical entities such as power companies and water facilities have become routine.
According to a Radware report, Israel ranked second in the world in 2024 in terms of the number of cyberattacks it endured, with a sharp increase compared to previous years.
At the same time, there was a global spike of about 550% in DDoS attacks aimed at paralyzing services by flooding them with traffic.
The IT-OT Gap: A Built-In Vulnerability
One of the main challenges in securing critical infrastructure lies in the complex integration of Information Technology (IT) systems, which are typically updated regularly and well protected, with Operational Technology (OT) systems, which are often based on legacy technologies lacking built-in security.
Many OT systems were developed in a completely different technological environment and often do not support frequent security updates or advanced monitoring. This creates a "security gap" that is repeatedly exploited by sophisticated attackers.
File Transfer and Network Isolation Challenges
Protecting critical networks often requires complete isolation from open networks, yet the challenge lies in the nearly constant need to transfer data into or out of these networks.
One of the most prominent solutions today is Data Diode technology, which allows one-way data flow, either into or out of the critical network, through a secure, dedicated channel.
In environments with particularly high security classifications, an Isolated Island Network may also be used. This is a segregated intermediate network designed to provide hard separation and to carry out filtering, sanitization, and inspection of all data flowing in any direction.
A data diode functions similarly to an electronic diode that only allows current to flow in one direction. In this case, data flows only in the designated secure direction, with no physical way to reverse it.
This solution effectively prevents data leakage and significantly reduces the risk of hostile infiltration, especially since it rules out traditional two-way communication (e.g., there is no return path to complete a true TCP handshake).
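Because a diode offers no return path, the receiving side can never acknowledge a frame or ask for a retransmit, so everything needed to detect loss, reordering and corruption must ride inside the one-way stream itself. The following added example (not the article's or OPSWAT's code) shows one such framing in Python; the frame layout, the manifest format and the tiny chunk size are assumptions chosen for illustration.

```python
import hashlib
import json
import struct

# Constructed example (not the article's or OPSWAT's code): framing for a
# one-way channel such as a data diode. With no return path the receiver can
# never ACK or request a retransmit, so each frame must let the receiver detect
# loss, reordering and corruption on its own.

CHUNK = 8  # deliberately tiny so the example stays readable
HDR = struct.Struct(">I")  # 4-byte big-endian sequence number


def frame_file(name, payload):
    """Split payload into self-describing frames: seq | sha256(data) | data."""
    chunks = [payload[i:i + CHUNK] for i in range(0, len(payload), CHUNK)]
    manifest = {"name": name, "count": len(chunks),
                "sha256": hashlib.sha256(payload).hexdigest()}
    # Frame 0 is the manifest; frames 1..count carry the data chunks.
    frames = [(0, json.dumps(manifest).encode())]
    frames += [(i + 1, c) for i, c in enumerate(chunks)]
    return [HDR.pack(seq) + hashlib.sha256(data).digest() + data
            for seq, data in frames]


def receive_frames(datagrams):
    """Reassemble whatever arrived; report gaps rather than asking for them."""
    got = {}
    for dg in datagrams:
        seq = HDR.unpack(dg[:HDR.size])[0]
        digest, data = dg[HDR.size:HDR.size + 32], dg[HDR.size + 32:]
        if hashlib.sha256(data).digest() != digest:
            continue  # corrupted in transit: drop it, there is no NAK to send
        got.setdefault(seq, data)  # duplicates (deliberate re-sends) are harmless
    if 0 not in got:
        return {"ok": False, "reason": "manifest missing", "missing": [0]}
    manifest = json.loads(got[0])
    missing = [s for s in range(1, manifest["count"] + 1) if s not in got]
    if missing:
        return {"ok": False, "reason": "frames lost", "missing": missing}
    payload = b"".join(got[s] for s in range(1, manifest["count"] + 1))
    if hashlib.sha256(payload).hexdigest() != manifest["sha256"]:
        return {"ok": False, "reason": "file hash mismatch", "missing": []}
    return {"ok": True, "reason": None, "name": manifest["name"], "payload": payload}
```

Since the sender never learns what was lost, real diode transfer software compensates with redundancy (repeating frames or forward error correction); sending each frame twice in the receiver's input reproduces that idea.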
Israel Under Attack – Technological and Organizational Dimensions
Israel’s security and technological reality underscores the need for tailored solutions, not only from a technological standpoint but also in organizational and regulatory terms.
Companies and organizations must comply with strict regulations and high-security requirements imposed by both national and international bodies.
In parallel, the Zero Trust approach, treating every file or device as a potential threat, is becoming increasingly critical.
One of Israel’s standout cybersecurity advantages lies in personalized services and the close collaboration between information security entities and national bodies.
Beyond advanced technology, trust and cooperation are built, enabling a deep understanding of each organization’s unique needs.
This collaboration translates into a more flexible and effective response, faster threat reaction, and the development of innovative solutions tailored to real-world demands.
In Conclusion
Critical infrastructure is the backbone of any modern state, and protecting it is not merely a technological challenge; it is a national mission.
The reality demands that decision-makers and IT leaders engage in continuous preparation, bridge the gap between IT and OT worlds, and implement advanced measures that prevent threats before they infiltrate the network.
As threats become more sophisticated and faster, greater innovation and flexibility are required to protect what is most critical on both a national and organizational level.
Adir Shorka
Solution Engineering Manager IL & SEE
OPSWAT
