Watch this episode without interruptions.
Listen wherever you get your podcasts.
The missiles stopped. The attacks did not.
"The ceasefire is only for communication. There is no ceasefire in cybersecurity," Julia Kogan Ehrlich, a cybersecurity executive, angel investor and former officer in the IDF's Unit 8200, said in an interview on the JPost sits down with... podcast. "The fire is maybe in a byte and not in a missile. Our physical world may not be jeopardized, but our infrastructure is constantly under attack."
Kogan Ehrlich was responding to recent comments by the head of the Israel National Cyber Directorate, who disclosed that Iranian cyberattacks on Israel roughly tripled during the war, to some 4,800 significant attacks, and warned that unlike the kinetic front, the cyber front never went quiet.
That number, she stressed, counts only the serious ones. The background noise, she confirmed, runs into the millions.
"The world just twisted from the kinetic and moved to a different vector of war," she said. "People are going back to a normal life right now. Nobody knows how many people are working long hours to make sure that all the Israeli infrastructure, everything behind the scenes, keeps moving."
By her estimate, the public sees almost none of it. "Ninety-eight percent of the attacks, people are not even aware of," she said. "They're seen behind closed doors, because they're being defended against."
What 4,800 attacks could actually mean
In April 2020, Iranian hackers penetrated part of the cyber defenses protecting a section of Israel's water supply and were stopped only at a late stage. Had they not been, the chlorine levels in drinking water could have been altered.
Asked whether each of those 4,800 attacks carries that kind of potential, poisoned water, downed electricity, trains colliding, an air traffic control tower going dark, Kogan Ehrlich did not soften it.
"I agree," she said. "Critical infrastructure, healthcare organizations, hospitals, even clinics. Every aspect. You can take it to the national database."
And when personal data is stolen and published, she added, the damage is real even if the taps keep running.
There is no single fix. "There is no holistic solution," she said. "Israel is defended in multiple layers, in multiple pillars." The method, as she described it, is to start from the doomsday scenario and work backwards, build the worst case, then break it into scripts that individual organizations and their chief information security officers can actually implement, half of it technology, half of it training people who will still, at some point, be asked to click a link.
AI as a weapon
Two years ago, she said, AI was essentially a very smart friend doing small chores. That era is over.
"AI now completes tasks. Complex tasks. It analyzes information for your benefit," she said. "And everything you can do as a benefit can be used as a malicious tool."
The result is that the barrier to launching an attack has collapsed, and the attacks themselves have become automated. "The battlefield is not people against people anymore," she said. "Sometimes it's a machine against humans." In the war with Iran, she argued, it is closer to AI versus AI, an arena in which Israel is among the world leaders, which is precisely why so little of the fight is visible. The most unsettling part of the conversation had nothing to do with Iran.
Two minutes of recorded audio is now enough to clone a person's voice convincingly for an extended conversation. Which means the old scam email from a Nigerian prince, a punchline for two decades, has been replaced by a phone call from your mother, crying, asking for NIS 5,000 immediately because she is in trouble.
The scammers have picked their targets carefully. "Eight out of ten people being targeted are elderly Russian-speaking Israelis," Kogan Ehrlich said, citing police figures. The reason is structural: much of the older generation that arrived in the great immigration wave of the 1990s never learned Hebrew, and many are not fluent in the online world where these tricks are discussed and debunked.
She made it personal. One of her grandmothers speaks only Russian; the other speaks Russian and a little Hebrew. "If somebody calls them with my voice, they will give all the details. All of them," she said. "They will not think for one minute. If I'm in trouble, they will come to support me. They will not ask another question."
Kogan Ehrlich is set to serve as a mentor and judge at an upcoming hackathon run by Unit 8200 alumni together with BioCatch, one of Israel's leading fraud prevention companies, aimed specifically at this attack pattern.
Her advice to families, in the meantime, is unglamorous and free:
Agree on a code word. Something that would never come up in a normal conversation, known only to children, parents and grandparents. If the voice on the phone is begging for money, the answer is: what's our code word? A real relative knows it. A cloned voice does not.
And stop asking for help over the phone. "If you need help, come visit. Ask face to face," she said. It is not only about money. It is about restoring the assumption that a real request happens in person.
'Meet the iceberg head-on, or go around it'
Kogan Ehrlich served nearly nine years in Unit 8200 and was released with the rank of major, serving through two wars. She was not in the unit on October 7. She is candid about what that day meant for it.
"Let's put it on the table. There were gaps we were supposed to detect," she said. "The unit came together and pulled everything it could to make sure those mistakes will not be repeated."
What the unit taught her, she said, was not any particular technology — technologies expire — but a way of reacting when something completely new appears and nobody in the room knows what to do. Everything stops. People are pulled into small groups. They learn the problem, meet in the morning, at lunch, after lunch, in the evening, and keep redefining the solution until, as she put it, there is white smoke.
She reaches for the Titanic to explain it. The ship tried to turn and got sliced open along its side; had it hit the iceberg head-on, the damage would likely have been survivable.
"Sometimes you just need to face it," she said. "Meet the iceberg head-on, or go around it. Both approaches run in parallel, all the time."
It also explains why 8200 graduates are so heavily represented among Israel's founders, CEOs and venture partners. "You invest where your mind is," she said.
Who gets left behind
For all the alarm, Kogan Ehrlich is not a pessimist about AI. She compares it to the Industrial Revolution and to the arrival of the internet, a change in kind, not in degree, and expects better tools for defense, for thinking, for education. She envisions a near future in which an executive briefs an AI system continuously and it makes decisions on a minute-by-minute basis, and she notes that the frontier keeps moving so fast that a three-month AI course is often obsolete by the time you finish it.
That, she said, is exactly where the danger lies.
Governments, the Fortune 500 and the top startups will keep pace. Everyone else may not. Small and medium businesses are still running legacy systems. Healthcare organizations, targeted constantly and globally, are frequently wide open. And patients are now arriving at clinics having already run their blood tests through a chatbot.
"The doctor also needs to be aligned with AI," she said. "Otherwise, he could be missing out."
Would she let a robot treat her? She laughed. Maybe not in a year. In ten, who knows.
"We do need the human touch. Sometimes we just want somebody to look at us and reassure us," she said. "But I want to make sure he knows what he's talking about: the results and the accuracy."
On the machines, as on the infrastructure, her position is the same: let the AI lead the technology, but keep a human at the gate.