Mining Technology

Businesses at greater risk of cyberattack due to geopolitical tensions

Global instability is causing an upsurge in cyberattacks by state actors, terrorists, hacktivists and opportunistic cybercriminals.

Businesses around the world “will inevitably be affected” by an increase in cyberattacks driven by geopolitical tensions, a new report outlines.

The latest edition of GlobalData’s Cybersecurity report details that global instability is causing an upsurge in cyberattacks by state actors, terrorists, hacktivists and opportunistic cybercriminals. It explains that the challenging current geopolitical environment, fuelled in part by the ongoing conflicts in Ukraine and the Middle East, has “gifted cyberattackers an uneven playing field,” which it notes that they are actively exploiting.

“Those not after money are often motivated by revenge, and these types of attacks typically involve a disgruntled employee or disaffected customer,” the report says. “Other threat actors include hacktivists trying to gain attention for their cause, terrorists intent on damaging critical national infrastructure, or nation-states using cyber warfare against other countries.”

The report adds that, at a time of heightened geopolitical turmoil, companies operating critical national infrastructure are particularly at risk.

“The goals of such attacks are often to gain intelligence or disrupt essential state functions,” the report explains. “A notable example of this is Volt Typhoon, a Chinese state-sponsored cyber operation primarily targeting the US with a focus on espionage, data theft and credential access.”

Relatedly, the report notes that, per the World Economic Forum’s Global Cybersecurity Outlook 2025 report, “supply chain attacks will continue to rise as geopolitical tensions increase, with nearly 60% of organisations’ cybersecurity response strategies shaped by geopolitical events.”

It adds that “complex and interdependent global supply chains will create an uncertain cybersecurity landscape. Not only may suppliers have opaque cybersecurity practices, poor governance, or software vulnerabilities, but they will also be impacted by state-sponsored attacks or the growth of cybercriminal groups emerging in conflict zones.”

Supply chain attacks, which GlobalData observes came to the fore in 2020 when Russian hackers broke into SolarWinds’ systems and added malicious code to the company’s software, are becoming more common and more damaging. IBM’s 2023 Cost of a Data Breach report found a total identification and containment lifecycle of 307 days for supply chain attacks, 13% longer than the average lifecycle of 270 days for data breaches attributed to another cause.