Critical vulnerabilities left government systems, sensitive data open to cyberattacks during war

Critical cyber vulnerabilities left Israeli government systems and sensitive data exposed to attacks for an extended period, even during wartime, according to a State Comptroller report. The government continued using a remote-work platform with known flaws for 10 months after the National Cyber Directorate ordered its shutdown.

State Comptroller Matanyahu Englman highlighted significant deficiencies, stating the government must be well-prepared for cyberattacks, especially given threats from Iran. The reports found emergency bodies were not adequately prepared, and the risk of cyberattack exposure had not been sufficiently examined. While the National Cyber Directorate issued cyber-readiness instructions after October 7, they were not universally passed on to emergency bodies.

“

In light of the threats from Iran, the government must be well prepared for cyberattacks. The reports found significant deficiencies; they must be corrected immediately.

One of the most serious findings concerned the remote work platform. Despite the National Cyber Directorate's instruction to cease its use, the National Digital Agency and 65% of government ministries continued employing it for 10 months, with usage only stopping in January 2025. The Fire and Rescue Authority lacked a business continuity plan for remote work, had not conducted required emergency exercises, and had not performed penetration tests until the audit. Similarly, the police had no technological business continuity plan, hadn't held emergency exercises, and conducted a penetration test of its remote-work system only in early 2025, years after the previous one.

The Foreign Ministry, identified as a major cyber target, also exhibited longstanding gaps. During the Gaza war, information-security incidents at Israeli missions abroad surged by approximately 500%, with hundreds of incidents in 2023, including an attempted embassy employee email breach. Englman described a continuing technological gap and an organizational culture incompatible with the defined threat level for the ministry, whose cyber and information-security policy had not been updated since 2018.

“

The picture emerging from the audit of the Foreign Ministry shows a continuing technological gap in the ministry’s computer systems that has lasted for many years, and an organizational culture that is not compatible with the reference threat defined for the Foreign Ministry.