Forgot password?


What would ‘cyberwarfare’ really mean for businesses? 

As the military conflict in Ukraine has intensified over the last three weeks, fears of an unprecedented cyberwar have also increased. Ahead of Russia’s invasion, Ukraine accused the country of the denial of service (DDoS) cyberattack that targeted its defence ministry and two state banks. Although limited in its destructiveness, the desired outcome of the attack was likely to cause panic and damage the country’s morale before the invasion of two regions in eastern Ukraine on 24 February. 

The pretext to this is a long string of cyberattacks by Russia against Ukraine since the 2014 war, of which the NotPetya malware attack of June 2017 was the most devastating. First targeting Ukraine’s energy, financial and government sectors, it spread globally and became the “most economically damaging cyberattack of all time”. Now, amid a warning from Ciaran Martin, former Chief of the UK’s National Cyber Security Centre (NCSC), that we are at risk of another NotPetya-style attack as the war escalates, the hacker group, Anonymous, has declared its own cyberwar on Russia. 

There is consequently a very real threat of “spillover” from increased cyber activity in Ukraine which is only heightened by the involvement of the wider hacker community. So, what would a cyberwar look like, and which businesses are most at risk? 

Supply chains 

In the event of a cyberwar today, any small business that is part of a supply chain for publicly-owned organisations or government bodies would be at risk. Recent attacks through third-party providers, like the cyberattack that affected James Hall and SPAR, show just how hackers can use back-door entrances through partner companies with less resource to secure their networks. Cyberwarfare will make supply chains increasingly vulnerable as criminals will look to exploit them to penetrate the wider public sector.  

To overcome this, it is imperative for organisations to understand the risk of their involvement with third parties. Regular penetration testing, contractually agreed liability around breaches, and well-defined security policies and frameworks are all key measures that can be adopted to help mitigate vulnerabilities. What’s more, implementing a Zero Trust architecture offers additional protection against a potential supply chain attack by eradicating the implicit trust given to internal users. 

Operational Technology (OT) 

In the event of a cyberwar, criminals will also aim to target the critical infrastructure that keeps countries functional. Operational Technology (OT) would therefore be at the centre of this threat. Transport networks, warehouse machinery and medical devices are all vulnerable in this scenario. Moreover, the radical increase of the Internet of Medical Things (IoMT) in healthcare means that criminals can hack and affect life-saving-OT. By targeting IoT (Internet of Things), IoMT and OT, a country could very quickly become crippled, as well as resulting in a genuine loss of life. This would only become more disastrous if deployed at the same time as a physical attack. 

An outsourced solution 

Organisations should be looking to proactively protect their networks from the fallout of cyberwarfare with consistent threat monitoring. Working with a cyber security partner will enable organisations to benefit from the aggregate value of wide, varied threat intelligence from across the entire threatscape. An outsourced Security Operations Centre (SOC) should form a core element of any cyber security strategy. With the ability to identify and neutralise an attack in less than six minutes, combined with round the clock threat detection and response, the expertise of a SOC is invaluable in light of the cyber skills gap affecting 50% of businesses. 

Find out how an outsourced SOC can support your cyber strategy. 

Cyber Security Experts

Accredited and regulated, we're in the top 1% of cyber security agencies globally

Crown Commercial Service Supplier Cyber Essentials Plus ISO 27001 BSI ISO 9001 CHECK NCSC Cyber Incident Response CREST

We’re trusted by the UK Government as Crown Commercial Service providers as well as being accredited by two of the leading cyber security governing bodies. Our ISO9001 certification means you can rest assured our processes and approach are market leading.

Protect Your Business & Your Reputation.

With a continued focus on security, you can rest assured that breaches and exploits won't be holding you back.

Speak To An Expert


Get In Touch

[contact-form-7 id="5" title="Contact Us Form"]