Translated from: https://www.haaretz.co.il/st/inter/Global/magazine/Haaretz/2025/Saiiver_24.03.25/index.html#p=1
By Yoel Tzafir, in Collaboration With OPSWAT
In an era of escalating cyber threats targeting critical infrastructure, OPSWAT is at the forefront of cybersecurity, offering innovative solutions that solidify its position as a key player in global cyber defense - from multi-engine malware scanning to secure one-way data transfers.
In recent years, the world has witnessed a dramatic rise in cyberattacks targeting critical infrastructure. Energy facilities, water systems, electrical grids and industrial plants have become strategic targets for state-sponsored hackers, criminal organizations, and terrorist groups.
Reports from multiple U.S. organizations, including the Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing and Analysis Center (MS-ISAC), indicate a significant increase in attack attempts on the energy, water and transportation sectors, with ransomware attacks posing a particularly severe threat. These attacks go beyond financial damage - they threaten national security, public order and healthcare systems, and in extreme cases, even human lives.
Events such as the 2021 cyberattack on the Colonial Pipeline in the U.S., which led to fuel supply disruptions along the East Coast, served as a stark warning of potential future threats.
In Israel, cyberattacks on the electric company and water facilities have become an alarming routine, with security experts detecting daily infiltration attempts, most attributed to hostile entities in the Middle East.
According to a report by Radware, Israel ranks second globally in the number of cyberattacks it endures. In 2024 alone, Israel suffered approximately 1,550 cyberattacks, ranking second only to Ukraine, which faced 2,052 attacks. The U.S. ranked third. This marks a significant rise in Israel’s ranking compared to 2023 when it was fourth, trailing India, the U.S. and Ukraine. The report also highlighted a staggering 550% increase in DDoS attacks worldwide over the past year.
The Challenge: Bridging IT and OT Security
The main challenge in securing critical infrastructure lies in the complex interface between traditional IT systems and Industrial Control Systems (ICS) or Operational Technology (OT). While IT systems receive regular updates, OT environments often rely on outdated technologies designed before modern cybersecurity threats emerged, lacking security updates or advanced monitoring capabilities. This gap creates vulnerabilities that attackers exploit repeatedly.
In this complex landscape, OPSWAT offers a unique solution that has established it as a key player in critical infrastructure protection. Founded in 2002, the company specializes in developing technologies that bridge the gap between IT and OT security, focusing on securing data transfers between isolated networks (Air-Gapped Networks).
OPSWAT’s technology currently protects 98% of nuclear facilities in the U.S. and thousands of critical infrastructure facilities worldwide, from desalination plants to defense control and monitoring systems, we believe that every file and device pose a potential threat and must be addressed at all entry points - upon ingress, egress, and continuously. Our successful approach is based on Zero Trust principles, treating every file as a potential risk and emphasizing prevention rather than relying solely on signature-based detection. This enables infrastructure organizations to strengthen their cybersecurity posture. Our products focus on threat prevention, secure data transfer processes, and safe device access, ultimately reducing breach risks and preventing malware and Zero-Day attacks on energy and infrastructure facilities.
A Tailored Security Approach
The severity of cyber threats on infrastructure organizations and the complexity of securing them have led OPSWAT to develop a comprehensive, multi-layered defense platform, incorporating various modules to provide a holistic security solution.
At the core of the MetaDefender platform is MetaScan™, a module that examines each incoming file using numerous antivirus engines in parallel to maximize detection rates while maintaining performance efficiency. These engines leverage different detection methods - including signatures, heuristics, and AI - and are integrated through licensing agreements with leading security vendors. Customers can choose to scan files using multiple AV engines, sometimes exceeding 30 different engines for enhanced protection.
“Our recommendation is to use as many scanning engines as possible,” explains Czarny, noting that the platform can be deployed across a global organization to ensure maximum security coverage.
Another key module is Deep CDR™ (Content Disarm and Reconstruction), which applies advanced Zero Trust techniques to neutralize potential threats before they enter the organization. Supporting over 180 file formats, this module thoroughly disassembles each incoming file and reconstructs it without compromising the original content’s quality. The process is swift and seamless, preventing workflow disruptions. For example, if an email attachment contains a malicious macro script, the system dismantles the file, removes the threat and reconstructs it securely before allowing access.
The platform also includes an advanced MetaDefender Sandbox™ module, providing a dynamic analysis environment based on emulation rather than traditional virtualization.
Unlike virtualization-based approaches that attackers can evade, OPSWAT’s emulation method simulates code execution, enabling more accurate threat detection. This results in a tenfold improvement in analysis speed and a hundredfold increase in scanning accuracy compared to competing solutions. The module supports the analysis of large files, up to 2GB in size.
MetaDefender NetWall™: A Force Multiplier for Secure Data Transfer
One of the biggest cybersecurity challenges in critical infrastructure is the secure transfer of files between networks - such as from an open network to a highly sensitive closed network - while maintaining absolute isolation to prevent data leaks. A one-way data transfer mechanism is essential to preserve this separation, allowing data intake without exposing the secure network to external threats.
This is precisely the purpose of MetaDefender NetWall™, a hardware-software hybrid solution that leverages Data Diode Technology to enable unidirectional, secure data transfers. A data diode is a hardware component ensuring that information flows in one direction only, preventing any backflow from the secure network to the open network.
Such technology is widely used in high-security environments, including military installations, critical industries and national infrastructure. The fundamental principle ensures that while information can enter the secure network, it cannot exit, thereby preventing data leaks and strengthening cybersecurity defenses.
In 2024, OPSWAT further reinforced its data diode portfolio with the acquisition of FEND, expanding its capabilities in Unidirectional Gateway Solutions critical technology for protecting air-gapped environments.
Expanding Presence and Security Impact in Israel
OPSWAT was founded in 2002 with the vision of providing comprehensive cybersecurity protection for critical infrastructure. The company has 1,800 customers in 150 countries worldwide and operates offices in the U.S., Europe (UK, Germany, Hungary, Switzerland, Romania, France, and Spain), and Asia (India, Japan, Taiwan, Vietnam, Singapore and the UAE).
In Israel, the company has been providing services to hundreds of large organizations for many years, including Clalit Health Services, the managing corporation of the Compulsory Vehicle Insurance Pool ("HaPool"), and other entities. Recently, the company moved to its new offices in the B.S.R. Towers in Petah Tikva and has about 20 employees in Israel. In its new offices, the company launched an innovative cybersecurity lab for attack demonstrations and simulations.
Shay Czarny, a former intelligence officer and VR startup alumnus, notes that activity in Israel has grown significantly in recent times. "We have recorded a 50% increase in operations in Israel, with many customers making repeat purchases of products and expansions. I assume this is due both to our extensive product range - the broadest in the country - and to the quality of our solutions.
Additionally, we provide outstanding customer service, ensuring our customers are satisfied and feel secure in implementing our products within their organizations. Whenever there is an issue, the entire company mobilizes to resolve it quickly and efficiently. We care about every customer and never give up on anyone."
What Is the Nature of the Relationship Between the Israeli Branch and the Global Headquarters?
"Many of the capabilities and improvements made in our products originate in Israel, which reflects the strong connection between the branches. Some of the advancements in our solutions also stem from development requests by Israeli customers, further strengthening our position at the forefront of cybersecurity solutions for critical infrastructure."
What Is Your Vision for the Coming Years?
"Our goal is to expand our customer base both in Israel and globally while ensuring that our cybersecurity platform provides organizations, both in the public and private sectors, with the critical advantage they need to protect their most complex environments."
