TZUTC: -0500
MSGID: 1125.consprcy@1:2320/105 2c8c8057
PID: Synchronet 3.20a-Linux master/acc19483f Apr 26 202 GCC 12.2.0
TID: SBBSecho 3.20-Linux master/acc19483f Apr 26 2024 23:04 GCC 12.2.0
BBSID: CAPCITY2
CHRS: ASCII 1
As political violence manifests through cyber attacks, companies must prepare

Date:
Thu, 15 May 2025 14:27:56 +0000

Description:
"Old vs. new tech," reliance on technology, geopolitical instability increase
cyber threat, according to Allianz.

FULL STORY
======================================================================

The Allianz Risk Barometer, an annual report detailing the risks businesses
are most concerned about for the year ahead, has seen companies rank 
political risks and violence as a top 10 global risk for the past three 
years. Businesses concerns have been exacerbated by 2024s record-breaking
number of elections, the developing conflict in the Middle East, and ongoing
war in Ukraine. 

The negative impact of political violence on companies can manifest in many
ways, from endangering employee and customer safety to operational 
disruptions caused by material damage to premises or assets. As technology
advances, uncertainty grows, and political tensions remain high around the
world, businesses must consider their vulnerabilities, particularly in the
cyber realm. 

According to Allianz Commercials new Political Violence and Civil Unrest
Trends 2025 report, cyber breaches represent one important way that political
violence activity can impact businesses. This years report identified a key
trend: that new tech versus old tech has increased the threat of rogue
state-triggered damage and disruption, alongside increased reliance on
technology around the world and ongoing instability in the geopolitical
landscape. Addressing areas of vulnerability will be essential as companies
grow operations in an increasingly volatile cyber environment.

New tech, new threats

Advances in technology and global connectivity have increased production and
dissemination of misinformation and disinformation. To sow discord, Advanced
Persistent Threat (APT) actors, which are usually sponsored by rogue nations
or organizations, leverage cyber-attacks to disseminate false information,
using techniques such as manipulated online news platforms and compromised
social media accounts to instigate real-world events such as aggravating
political polarization, promoting social unrest and riots and undermining
democratic elections. 

APT groups often engage in sophisticated cyber espionage, such as in the case
of the Southport attacks and subsequent far-right riots during 2024 in the 
UK, which spread disinformation and caused social disruption. 

Increased digital reliance and geopolitical instability are also heightening
the risk of cyber-attacks that inflict physical harm at the same time.

Exposures in critical infrastructure 

Critical infrastructure, including energy, transportation, and manufacturing,
faces growing vulnerability to disruptions, equipment damage, and threats to
human safety via cyber means. 

To manage physical processes at these large installations, complex Industrial
Control Systems (ICS) or operational technology (OT) systems are used for
control and monitor purpose. Typically, these systems are legacy in nature 
and have obsolescence issues. That means they are vulnerable to attacks that
can disrupt physical processes which can lead to potentially hazardous
scenarios. For example, in refinery operations manipulation of ICS and safety
systems can lead to catastrophic fire, explosions and can cause major
environmental damage due to hydrocarbon releases. 

Utility companies, too, depend extensively on OT systems. The prevalence of
outdated, internet-unsecured devices within such networks poses a major
security challenge due to infrequent updates. The utility sectors cyber
security weaknesses render it highly vulnerable. Exploiting
internet-accessible OT and ICS devices, including those in the wastewater and
water sectors could affect millions of people, with potentially severe
consequences for public health and safety. 

The vulnerability of transportation systems to cyber threats also raises
critical concerns regarding the potential for cyber-physical attacks to cause
tangible damage. While modern aircraft possess strong security protocols,
vulnerabilities within airport infrastructure, including baggage handling and
air traffic control, present a tangible risk of physical damage stemming from
cyberattacks. Cyber-attacks targeting other transportation infrastructure 
also pose a significant risk of physical damage, with disruptions to 
signaling systems capable of triggering collisions or derailments. In August
2023, a cyber-attack on Polands railway system, where hackers manipulated
unsecured radio signals to activate emergency train stops, demonstrates the
susceptibility of outdated infrastructure to digital threats.

Addressing cyber vulnerabilities

Assessing the robustness of cybersecurity for key infrastructure demands a
multi-faceted approach. Companies should engage with their insurance 
providers through cyber risk dialogue to discuss potential threats to the
industry, as well as the insureds weaknesses in people, technology and
processes. Beyond traditional IT defenses, evaluations also include
scrutinizing vulnerabilities, including legacy systems which are often
ill-equipped for modern cyber threats, as well as an end-to-end assessment of
the insureds value chain. 

Key weaknesses often reside in unpatched, poorly secured legacy systems, and
the convergence of IT and OT networks. Supply chain vulnerabilities,
inadequate incident response plans, and a lack of robust security awareness
training further exacerbate these risks. Human error, particularly in access
management and patching protocols, remains a significant entry point for
malicious actors. 

The convergence of Artificial Intelligence , social media, phishing, and
Business Email Compromise attacks creates a potent and evolving threat
landscape. These technologies are being weaponized to create more convincing
and effective cyber-attacks. 

How an organization will recover and maintain critical functions during and
after a disruption is key. A robust business continuity plan encompasses a
business impact analysis to pinpoint critical functions, defined recovery
strategies and procedures, clear communication protocols, reliable data 
backup and recovery systems, flexible alternative work arrangements, and
regularly conducted testing and exercises. Comprehensive audits encompass
physical security, incident response protocols, and supply chain resilience.
Regular penetration testing and threat intelligence integration are also
crucial for identifying and mitigating emerging risks, ensuring the 
continuous protection of essential services. 

 This article was produced as part of TechRadarPro's Expert Insights channel
where we feature the best and brightest minds in the technology industry
today. The views expressed here are those of the author and are not
necessarily those of TechRadarPro or Future plc. If you are interested in
contributing find out more here:
https://www.techradar.com/news/submit-your-story-to-techradar-pro

======================================================================
Link to news story:
https://www.techradar.com/pro/as-political-violence-manifests-through-cyber-at
tacks-companies-must-prepare

$$
--- SBBSecho 3.20-Linux
 * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)
SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700
SEEN-BY: 226/30 227/114 229/110 111 114 206 300 307 317 400 426 428
SEEN-BY: 229/470 664 700 705 266/512 291/111 320/219 322/757 342/200
SEEN-BY: 396/45 460/58 712/848 902/26 2320/0 105 3634/12 5075/35
PATH: 2320/105 229/426