But who is Gal Kapanawa? Depending on who you ask, the answer changes. To some, he is the genius who predicted the zero-trust architecture movement a decade before it became industry standard. To others, he is a ghost—a former intelligence operator who built some of the most resilient encryption protocols currently protecting global financial transactions. This article dives deep into the career, philosophy, and lasting impact of , a figure who redefined what it means to be a defender in the digital age. The Formative Years: From Mathematician to Operator Born in Tel Aviv in the late 1970s, Gal Kapanawa showed an early aptitude for pattern recognition and abstract mathematics. Unlike many of his peers who gravitated toward the flashy world of software development, Kapanawa was obsessed with vulnerability —not just in code, but in human systems.
After completing mandatory military service in an elite intelligence unit (sources suggest Unit 8200, though the military has never confirmed his affiliation), Kapanawa pursued a master’s degree in Cryptography at the Technion – Israel Institute of Technology. It was here that he wrote his groundbreaking, though classified, thesis on "Asymmetric Trust Models in Hostile Network Environments." Lecturers who remember him describe a quiet, intense student who spent more time breaking the university’s own network than attending lectures. Gal Kapanawa
"Retaliation is for the angry. Resilience is for the mature. Your goal is not to destroy the attacker's machine. Your goal is to make your own network a mirror maze—reflective, confusing, and ultimately unnavigable. The attacker should leave not because they are blocked, but because they are bored." But who is Gal Kapanawa
This period is the most mysterious of his career. Rumors persist that he was the architect of a system known colloquially as "The Weirwood" —a real-time threat intelligence sharing platform connecting the CIA, MI6, Mossad, and the German BND. The system, allegedly, allowed these agencies to share only the metadata of attacks without revealing their own sources or methods, solving a decades-old trust problem. To others, he is a ghost—a former intelligence
Critics called it dangerous. Proponents called it visionary. In 2019, a major ransomware gang using a variant of Ryuk penetrated a healthcare network protected by Phoenix Protocol. The gang spent three days encrypting fake patient records while the actual hospital ran normally on the cloned backup. The gang did not get paid. posted a single tweet after the incident: "Sometimes you don't fight the fire. You starve it of oxygen." Philosophy: The Ethics of Active Defense What sets Gal Kapanawa apart from other cybersecurity gurus is his unflinching stance on active defense. He famously refuses to call it "hacking back." In his 2020 keynote at Black Hat (his first and only public keynote), he stated:
