In recent times, the digital landscape in Israel has experienced unprecedented data breaches, with a staggering two petabytes—equivalent to two quadrillion bytes—of information being stolen. Yossi Karadi, the head of the Israel National Cyber Directorate (INCD), shared these alarming figures in an interview with *The Jerusalem Post*, highlighting the escalating scale of cyber threats faced by the nation.
Historically, the measuring stick for cyberattacks was considerably smaller, often quantified in megabytes or gigabytes. However, as technology evolved, breaches of terabyte proportions became commonplace. Now, hackers have dramatically upped the ante, with recent figures indicating that Israeli individuals and institutions are grappling with the consequences of these massive data thefts.
Understanding the Scale of Data Breaches
To put the magnitude of this theft into perspective, Karadi drew a comparison to the National Library of Israel, which possesses a digital archive of roughly 20 trillion bytes. The total data breached equals the contents of around 100 libraries of that size. This estimation is a product of comprehensive intelligence assessments conducted by the INCD, detailing numerous cyber incidents that have unfolded.
But it’s not just the sheer volume of stolen data that is concerning. Officials have seen a notable increase in specific cyber threats as well. For instance, phishing attacks surged by 35% in 2025, while cyber influence operations skyrocketed by 170%. This signals that the issue of data breaches is part of a much broader and more complex cybersecurity landscape.
The Mechanics of Phishing Attacks
Phishing remains one of the most common methods employed by hackers, relying primarily on social engineering techniques. Attackers manipulate individuals into clicking harmful links or disclosing personal financial information. This not only allows them to siphon off funds but can also serve as a gateway into larger organizational systems, potentially leading to even more extensive breaches.
The Rise of Cyber Influence Operations
Another troubling trend is the escalation in cyber influence campaigns, which don’t focus on stealing money or data outright. Instead, their aim is to sway public opinion for political or strategic ends. A notable example of this tactic is the recorded attempts by Russia to interfere in the 2016 U.S. presidential election. While investigations concluded that the electoral outcome would likely have remained the same, the incident underscored how digital influences can disrupt democratic processes.
In Israel, authorities are sounding alarms over similar activities. The INCD and Shin Bet issued warnings about a surge in sophisticated cyberattacks targeting governmental officials, security personnel, academics, and media figures since mid-2025. Intelligence from these incidents often points towards Iran as a primary actor, though officials caution that threats originate from a variety of sources.
A Global Context: Israel’s Place in Cybersecurity
Currently, Israel ranks as the third most targeted nation for cyberattacks globally. Yet, it’s not alone in experiencing widespread digital disruptions. Recently, Jaguar Land Rover in the U.K. faced one of the most financially damaging cyberattacks, which resulted in nearly £2 billion in losses and forced a month-long shutdown across its production facilities. This incident disrupted supply chains for up to 5,000 businesses, prompting government intervention to stabilize operations.
Pushing for Comprehensive Cyber Legislation
In light of these growing cybersecurity challenges, Karadi is advocating for a comprehensive cyber law aimed at defining the INCD’s powers and establishing clear responsibilities for private-sector stakeholders. The proposed legislation, submitted on January 25, outlines 63 cybersecurity requirements for critical infrastructure providers and government agencies, incorporating guidelines from the National Institute of Standards and Technology.
A pivotal element of this legislation mandates real-time breach reporting to the INCD for companies facing significant cyber threats. This is intended to facilitate timely coordination and containment of incidents, reducing the likelihood of escalating into national crises.
Karadi, who took on the role just about a year ago, hopes to present the bill for its first reading in the Knesset by March. If the legislative process proceeds swiftly, it could be enacted prior to the upcoming election season set to begin in mid-summer.
