Cyberattacks in times of conflict: supply chain becomes a weak point
Cyberattacks in times of conflict: supply chain becomes a weak point
Cyberspace as a parallel battlefield of modern conflicts
Today, geopolitical conflicts are taking place not only on the physical battlefield, but increasingly also in the digital space.Cyberattacks are becoming part of modern hybrid conflicts and their impacts can affect state institutions, companies and critical infrastructure.
Current developments in the Middle East show how quickly an escalation of conflict can increase hacker activity. Security analyses indicate that there has been a significant increase in cyber incidents in the region since the outbreak of the conflict. According to a study by Checkpoint for Q1 2025, the number of ransomware attacks increased by 126%.
In addition to state-backed hacker groups, hacktivist collectives are also becoming active, attacking, for example, government websites, media or technology companies.
Modern conflicts have an increasingly pronounced digital dimension. Today, organizations are facing a situation where cyberattacks are not just a matter of crime, but can be part of broader geopolitical conflicts
Today, attackers are often not looking for the best-secured organization, but on the contrary, the weakest link in its ecosystem. Therefore, the supply chain is becoming one of the main vectors of modern cyberattacks.
Hackers are increasingly attacking through suppliers
One of the most dangerous types of cyberattacks are so-called supply chain attacks, i.e. attacks through the supply chain.In this case, the attackers do not directly attack the target organization, but compromise one of its suppliers.
A typical scenario is an attack on a smaller technology company that provides software or IT services to a larger company. If such a vendor has access to the customer's internal systems or provides software that the customer uses, the attack can spread further.
For example, attackers modify software or update packages that a vendor distributes to its customers. This way, the malicious code enters the target organization's infrastructure through a legitimate update.
Such an attack can remain hidden for a long time while affecting a large number of organizations that use the same software or services.
Regulations increase the emphasis on supplier management
The growing importance of supply chains is also reflected in new regulatory requirements. European legislation, such as the NIS2 Directive or the DORA Financial Regulation, places increasing emphasis on cyber risk management for external suppliers.Companies must therefore be able to prove that they actually verify and monitor the safety of their suppliers on an ongoing basis.
One of the tools that is increasingly used in practice is an independent audit according to the SOC 2 standard, which comprehensively verifies the setting of security controls at service providers.
"Organizations are increasingly finding that their security is only as strong as their suppliers. Independent audits, such as SOC 2, help to transparently verify the level of security controls and strengthen trust between business partners," says Dominika Adamcová, Audit and Compliance Specialist.
Companies must actively test security
In addition to supplier management, according to experts, regular testing of system security is also crucial. Organizations often only discover their weaknesses when a real incident occurs."Safety cannot be verified only on paper. Organizations must be able to realistically test their defenses and find out how their systems would hold up in a real attack," says Marek Kovalčík, who has been involved in offensive security and security testing for a long time.
According to experts, companies should pay particular attention to:
- Managing cyber risks in the supply chain
- independent audits of security controls (e.g. SOC 2)
- regular penetration testing and simulation of cyberattacks
- the organization's readiness to handle security incidents