Cyber operations are a sign of rising geopolitical tensions, or in some cases, they happen before they do. In geopolitical conflict, all technology is seen as political and can be used as a weapon, a target, or a lever. Cyber operations linked to the government are still going on, with the main goal of gathering intelligence and sometimes causing problems as a way to send a message.
Attack methods are focusing on identity and the edge [6]. Recent reports also talk about how stealthy backdoors were put on appliances and virtualization platforms so that hackers could get in for months without making a lot of noise. At the same time, it is still common to quickly take advantage of 0-day and n-day vulnerabilities in perimeter appliances. Targeting is still mostly focused on government and telecommunications, with attacks on defense-linked networks happening over and over again.
Non-state actors, criminals, and hacktivists are more and more working with or after state campaigns. Distributed denial-of-service attacks are still the most well-known type of hacktivism, but the targets and goals are changing. It used to be a way for people to protest against powerful institutions online, but now it has become a complicated system of state-aligned and ideologically driven actors that often act as informal extensions of geopolitical power.
The attacks included messing with pressure valves at a water facility, changing the settings on an automated tank gauge at an oil and gas company, and taking advantage of the temperature and humidity levels at a grain silo on a farm. The meaning of these events is just as strong as the technical effect, showing that they can reach important systems.
The goal is no longer to take down one system, but to change the way people think by breaking down trust, dividing societies, and changing stories. It is important to think about why many of the techniques used in Cy-X compromises are "familiar, predictable, and defeatable," but still work. The recent breach at a big aerospace company shows that basic processes can break down at many levels.
Cyber extortion is not a small threat that will go away. It is a problem that will keep getting worse unless we change how we think, defend, respond, and work together. The problem is that we need to work together on a large scale, coordinate globally, and have the political will to see this threat as a danger to society.
Charl van der Walt, Head of Security Research at Orange Cyberdefense, wrote this opinion piece. It uses quotes and information from the Security Navigator 2026.
