Geopolitical Tensions Escalate Cyberattack Risk for Businesses

Businesses globally are on an unavoidable collision course with a growing wave of cyberattacks, driven by the current volatile geopolitical landscape.

A recent report from GlobalData's Cybersecurity series highlights that escalating global instability is fueling a significant increase in cyberattacks perpetrated by a diverse range of actors, including state-sponsored groups, terrorists, hacktivists, and opportunistic cybercriminals.

The report points out that the challenging geopolitical environment, significantly influenced by ongoing conflicts like those in Ukraine and the Middle East, has created an "uneven playing field" that cyber attackers are actively exploiting. While financial gain remains a strong motivator for some, many attackers are driven by revenge. This often manifests as attacks from disgruntled employees or disaffected customers. Other threat actors include hacktivists seeking to draw attention to their causes, terrorists aiming to disrupt critical national infrastructure, and nation-states engaging in cyber warfare against other countries.

Companies involved in critical national infrastructure are particularly vulnerable during times of heightened geopolitical turmoil. The primary objectives of such attacks often include intelligence gathering or the disruption of essential state functions.

A stark example provided is Volt Typhoon, a Chinese state-sponsored cyber operation that has primarily targeted the U.S., focusing on espionage, data theft, and credential access.

Adding to these concerns, the World Economic Forum’s Global Cybersecurity Outlook 2025 report corroborates that supply chain attacks are expected to increase as geopolitical tensions intensify. The report notes that nearly 60% of organisations' cybersecurity response strategies are now being shaped by geopolitical events.

The complexity and interdependence of global supply chains create an uncertain cybersecurity landscape. Suppliers may have opaque cybersecurity practices, weak governance, or software vulnerabilities, and they are also susceptible to state-sponsored attacks or the emergence of cybercriminal groups in conflict zones.

Supply chain attacks, which gained significant prominence in 2020 following the SolarWinds breach where Russian hackers infiltrated the company's systems to insert malicious code, are becoming increasingly frequent and damaging.

IBM’s 2023 Cost of a Data Breach report further emphasises this threat, revealing that the total identification and containment lifecycle for supply chain attacks averages 307 days. This is a significant 13% longer than the average 270-day lifecycle for data breaches attributed to other causes, highlighting the prolonged impact and complexity of these particular incidents.

How prepared is your organisation for the inevitable increase in sophisticated cyber threats?