You can’t understand cyber threats without grasping the nuances of global politics.
When I first joined Cybernews five years ago, I was told the outlet hadn’t been covering politics and that it should stay that way. As the world events later unfolded, with the Belarus revolution, the Black Lives Matter movement, the Russian invasion of Ukraine, and the Israel-Palestine war, among other numerous events, staying out of it proved impossible.
On the contrary, by looking where the political wind blows, you can predict the cyber threats that lie ahead for people and organizations.
According to Flashpoint's 2025 Global Threat Intelligence Report, the majority of data breaches stem from an “unwanted outsider gaining access.” Researchers noticed quite an unusual breach target – Russia – which has historically been out of bounds for many cybercriminals.
“Most malware strains even have built-in code that prevents installation on Windows systems with Russian virtual keyboards installed,” the report reads.
However, the invasion of Ukraine has created divisions between the Ukrainian and Russian threat actor groups, leading to Russian organizations being increasingly targeted.
“This highlights the direct influence of geopolitical dynamics on cyber activity,” the report reads.
According to a fresh survey by the SANS Institute about cyber threat intelligence (CTI) based on responses from nearly 500 professionals, armed conflicts and geopolitical tensions have transformed cybersecurity into a core business risk.
Ashley Jess, an Intel 471 senior intelligence analyst, has an interesting take on this.
“With the increasing convergence of politics and cybercrime, you can't just focus on technical indicators of compromise or attack vectors to make the most accurate and comprehensive assessment anymore,” she said.
To fully grasp the cyber threat landscape, you need a “nuanced understanding of international relations.”
It’s a must to link cyber activity to a broader context to identify, predict, and respond to emerging threats more effectively.
Now, back to the report by Flashpoint: we are living in an era of a hybrid Cold War, with Russia, China, Iran, and North Korea as the key orchestrators of hybrid warfare strategies aimed at destabilizing international alliances.
“North Korea’s Lazarus Group is funding the regime through sophisticated cyber campaigns, siphoning billions from financial institutions and cryptocurrency platforms to fuel its weapons program and bypass international sanctions,” Andrew Borene, one of Flashpoint’s executives, said.
“Iran, China, and Russia are leveraging AI-generated deepfakes, fake social media personas, and information warfare to manipulate public perception, disrupt democratic institutions, and influence global discourse, presenting a direct challenge to intelligence and security professionals trying to distinguish fact from fiction.”
Your email address will not be published. Required fields are markedmarked