Israel is a major target for cyberattacks on critical infrastructure, according to a new study by cybersecurity firm Claroty, which analyzed hundreds of attacks by global hacking groups aimed at disrupting daily life and sowing chaos.
The study, completed by Claroty’s research division, Team82, found that most attacks exploit communication protocols to gain remote control of industrial processes but don’t require advanced skills or technical knowledge.
The study analyzed over 200 cyberattacks in 2025 by more than 20 groups, including some tied to Iran. Recently, the Iranian regime has come under fire for its extensive cyberwarfare operations against Western targets.
More than four in five Iranian-linked cyberattacks target Israel, US
According to Claroty, 81% of cyberattacks by Iranian-supported groups target Israeli or American infrastructure.
Similarly, 71% of incidents traced back to Russia targeted organizations within the European Union (EU). Italy, France, and Spain were the most targeted within the EU, with organizations in them together making up 38% of all targets.
Attacks seek to disrupt daily life
According to the study, internet-connected physical systems such as “control and monitoring systems in power plants, water infrastructure, industrial production lines, transportation and aviation infrastructure, hospitals, sensors, cameras,” have become prominent targets lately.
This “reflects a broader trend among attackers aiming to cause maximum disruption to daily life in the target country, sow panic and confusion, damage assets and infrastructure, and even inflict physical harm on workers or the general public,” Team82 said.
“Our research exposes a significant escalation in how malicious actors are penetrating operational systems that enable the day-to-day functioning of society,” said Amir Preminger, Chief Technology Officer and head of the Team82 research division at Claroty. “Attackers are using relatively simple technological means to target critical sectors—from manufacturing, to water and wastewater, to electricity generation and healthcare—industries where disruption could lead to severe and even dangerous consequences."
Preminger added that, "Based on our findings, there is a clear need to strengthen security efforts in the cyber-physical domain, and organizations can no longer tolerate weak cybersecurity practices around these systems.”
Analysts have long warned of Iran’s cyberwarfare capabilities, which have caused some damage to both American and Israeli organizations lately.
On Thursday, the Department of Justice (DOJ) announced that it had seized several internet domains linked to Iran’s cyberwarfare operations, signaling a potential escalation in efforts to curb Iran’s online influence.