Promoted Content

Startup steps up to defend Israel’s water network against Iranian cyberattackers

IXDen uses ‘behavioral biometrics’ to protect critical systems against ransomware and hackers


In 2020, Israeli media reported that Iranian hackers had infiltrated the computer network of six facilities controlling Israel’s water systems and disabled a sensor that detects chlorine levels. Without that tiny but vital piece of equipment, the chlorine in the drinking water could reach toxic levels or drop too low, allowing bacteria to grow in water used by millions of Israelis, Jordanians and Palestinians.

The cyberattack was ultimately unsuccessful, but as increasing numbers of components in such sensitive systems become connected to the fast-expanding “internet of things,” it demonstrated the constant cyberthreats to vital infrastructure networks including water, electricity and gas.

To make sure such attacks never happen again, Israel’s national water carrier Mekorot has become a partner and investor in IXDen, a local startup that guards against the malfunctioning of interconnected devices, whether caused by cyberattack or routine wear and tear. Both can be devastating.

“We are solving two big problems: security and operational problems, in one software product,” says Leonid Cooperman, co-founder and co-CEO of IXDen, whose technology aims to protect the more than 30 billion internet-connected devices in the world.

Ensuring that such devices operate reliably is key. Many of them are involved in potentially life-altering functions, such as sensors on gas and water pipelines, medical devices and driver-assist systems in cars.

“With the help of this system, we can bring Mekorot to a higher level,” says Moti Shiri, chief technology officer of Mekorot, which supplies water to more than eight million customers in Israel, Jordan and the Palestinian Authority, and has hundreds of thousands of internet-connected sensors that monitor everything from water levels to water content, and spur automated actions such as adding chemicals or opening pressure valves.

The market for IoT cybersecurity is growing 23.9% a year, and is expected to reach $36.6 billion by 2025, according to MarketsandMarkets. While IoT devices have allowed valuable automation in many fields, especially in water and energy infrastructure, they are increasingly prey to attack.

“The growing vulnerability of critical systems is now the prime concern of all governments,” MarketsandMarkets writes. “Either accidental or malicious interference with the controls of a nuclear reactor poses a severe threat to human life and property.”

Protecting these devices is a challenging task, partly because of their sheer number. The sensor-based devices tend to be relatively inexpensive and not necessarily designed with security in mind, making each one a potential gateway for hackers. In addition, the sensors used on infrastructure systems often feed only a fraction of the data to the central network, which means that network-level cybersecurity systems are missing vital information.

“This means we have a real problem,” Cooperman says. “In general, the architecture of a control system and a bunch of sensors presents challenges and problems for security.”

To solve this problem, IXDen’s technology takes some inspiration from the realm of security for payments and credit card transactions. Its technology learns the behavior patterns of each connected sensor. It then uses machine learning, artificial intelligence and proprietary mathematics to detect any deviation from normal or expected behavior, whether from a cyberattack or a simple malfunction. This multifactor authentication process is similar to how security and anti-fraud systems for payments flag suspicious transactions based on deviations from users’ typical spending and shopping patterns.

“We use a biometric approach to devices, to create a dynamic identity for each sensor based on its behavior,” says Zion Harel, co-CEO of IXDen. “This is a new approach we bring to the IoT world, because our technology gets to know every device’s normal behavior and, no less importantly, how the thousands of the system’s sensors and controllers work together.”

“Our product is modeling behavior, and understands automatically when a system starts to misbehave,” Cooperman adds.

For example, in the case of the chlorine sensor that was disabled, IXDen would be able to pick up on this right away because its AI-based technology would see that a sensor that usually has a consistent reading suddenly has no reading.

“We would immediately and in real time understand something is wrong,” Cooperman says.


IXDen’s technology also stands out because it is deployed on the sensors themselves, rather than on the central operating system’s network. Most network-level cybersecurity or monitoring solutions miss not only possible security breaches on various devices but also opportunities to learn from data patterns that could lead to increased efficiency and detect malfunctions early, before they cause large problems.

Because IXDen brings together and analyzes all the data from all of a system’s sensors, it can forecast when a device will malfunction by detecting subtle changes in equipment behavior. This ability to predict, rather than wait for, equipment malfunction can prevent water and power outages, saving both money and natural resources. The same technology also helps optimize prediction and early detection of equipment problems, like leaks or weak valves.

“This saves up to 10 percent of the energy consumption,” Shiri says. “In the future, the savings will be higher. We will be able to know when there is going to be a failure, and we will know how to fix malfunctions in the right and predictable way. It will prevent malfunctions that create water outages and serious incidents.”

IXDen says its customers usually learn about the company when looking for cybersecurity solutions, but, as the experience of Mekorot shows, the benefits of maintenance monitoring end up being equally important.

“Security events, although huge threats, are not happening every day,” Cooperman says. “But equipment malfunctions are a big deal on a daily basis, so for our clients this is where the real return on investment is.”

The solution is software-based and does not require any special hardware. It can be installed remotely, and used with almost all existing IoT devices. Technology and maintenance employees can track the status of equipment and learn from data patterns on a central dashboard that can be accessed remotely. The number of false alarms is about one-third lower than other security systems, Cooperman says.

IXDen is currently focusing on water and energy infrastructure networks, which have suffered a growing number of cyberattacks, including the ransomware hack that shut down the 5,500-mile-long Colonial Pipeline, which carries more than half of the gasoline and jet fuel used on the eastern coast of the United States.

“Critical infrastructure urgently needs our solutions,” Harel says. But IXDen also has other applications. “We are generating one product that can be used in any area of IoT, which is everywhere in life today.”

For more information about investing in IXDen with OurCrowd, click HERE.

read more:
Never miss breaking news on Israel
Get notifications to stay updated
You're subscribed