The Cold War fought via clandestine operations with boots on the ground and proxy conflicts between parties backed by the U.S., China or Russia might be a thing of the past, but the times of bloc-based warfare are far from over. Now, a majority of the theatres of war have become digital, with state-sponsored or -affiliated groups conducting cyber warfare against targets in various sectors.
According to a recent Reuters report, United States and United Kingdom officials imposed sanctions against the hacking group Advanced Persistent Threat 31 and indicted seven of its members on Monday, citing a "decade-plus spying spree [compromising] defense contractors, dissidents and a variety of U.S. companies, including American steel, energy and apparel firms".
The group is allegedly linked to the Chinese government, which refuted the claims made by U.S. and U.K. authorities. Apart from China, such allegations are mostly aimed at Russian and North Korean groups, many of the latter of which have also been connected to crypto heists reportedly funding the nation's nuclear program.
As data from the open-access database of the European Repository of Cyber Incidents shows, the sector most targeted by malevolent actors with a political agenda, according to reports by either victims, attackers, authorities, security companies, media or third parties is critical infrastructure. In 2023 alone, 500 incidents involving industries like energy, telecommunications, transport or health were entered into the database, followed by attacks on state institutions or political systems (376) and corporate targets (113).
Overall, the EuRepoC recorded 895 cyber incidents with a political dimension in 2023, with many of said incidents involving more than one attack. As of March 26, 171 cyber operations reported in 2024 are found in EuRepoC's database, with 89 incidents connected to critical infrastructure and 82 to state institutions or political systems, including on ministries, civil services or the police. 92 incidents were connected to hackers affiliated with, connected with or located in Russia, North Korean actors conducted 26 attacks, Chinese and Iranian hackers were responsible for 18 incidents each and U.S. hackers for three.
While cyberattacks on regular companies can, at most, lead to financial harm or data on their inner workings being exposed, attacks on power stations, the energy grid or telecommunications networks could potentially evolve into a national security threat. This makes cybersecurity not only necessary but a lucrative and competitive market. According to estimates by various sources like our Statista Market Insights and the IDC, the worldwide estimated cybersecurity spend for 2023 ranged somewhere between $160 and $220 billion, with the market poised to grow significantly in the next three to five years.