
Fifteen years ago, a cyber weapon, Stuxnet, was deployed for physical destruction and geopolitical objectives, marking a critical turning point in cyber warfare. The discovery of the world’s first digital weapon opened Pandora’s Box to a new era in the modern cyber threat landscape. Today, cyber warfare is again going through a fundamental shift, but this time, supply chains are the frontline in hybrid conflict.
For years, there has been a steady drumbeat of cyberattacks, with the universe of targets and tactics increasing year over year. Attacks that once targeted state secrets, sensitive data or financial gains are also targeting powerful physical systems that civilians rely on, including critical infrastructure, medical devices and supply chains. In fact, we may be at another tipping point in cyber warfare. As the Hezbollah pager attacks demonstrated last year, geopolitics may be driving yet another paradigm shift, with supply chain attacks resulting in both physical destruction and a human toll.
Shattering the rules of engagement: Cyber warfare’s new frontlines
From the 2012 Saudi Aramco attacks, where wiper malware destroyed over 35,000 computers, to the 2024 infiltrated pagers and walkie-talkies that exploded across Lebanon, damage to physical infrastructure by cyberattacks is no longer unprecedented. The question now is whether the Hezbollah pager attacks were an anomaly, or whether we are entering a new era of supply chain sabotage and manipulation.
As rules of engagement evolve and mark a new era of hybrid conflict, one thing is clear: Supply chains, with their hyperspecialized and distributed footprint, are growing targets as geopolitical tensions rise. The weaponization of supply chains poses a growing risk, ranging from delayed pricing or other unethical trading practices at one extreme to manipulation and destruction at the other. In 2018, a Bloomberg report revealed that Chinese spies infiltrated 30 U.S. companies by building spying capabilities into phones built in China. While the article and related revelations remain debated, hardware infiltration and manipulation within the supply chain pose a legitimate security risk. With this new reality, organizations must recognize supply chain security as part of their resilience strategies, including the potential risks stemming from weaponized supply chains.
The next tipping point for security: Weaponized supply chains
Risky businesses within the supply chain ecosystem have increasingly been a point of concern, from both a national and an economic security standpoint. Just as Stuxnet shattered the norms of cyber behavior, new instances of digital weaponry are also upending supply chain risks and potential destructive effects.
The United States continues to add thousands of companies to various sanctions lists, many of which have been deemed national security risks – and this trend is spanning the globe as countries increasingly observe the real-world impact of foundational technologies being used as Trojan horses to carry out foreign government objectives.
For example, five years ago, the Pentagon barred the military from purchasing phones made by Huawei and ZTE due to national security risks. Other governments have since followed suit: India blocked Chinese apps, China blocked Russian cybersecurity company Kaspersky, and Australia removed Chinese security cameras, among others. Today, China and the United States are going head-to-head with tit-for-tat restrictions and sanctions targeting domestic technologies. The recent back and forth over Nvidia chips in the Chinese market is indicative of the regulatory and security risks that are top of mind for both governments.
These examples all share a common theme: heightened awareness of the risk of foreign-made components legally integrated into United States and allied systems, only to be exploited later for malicious gain. For decades, globalization drove greater interdependence without geopolitical considerations. This is no longer the norm. The industry is witnessing the tipping point, as supply chains are upended, and there is growing awareness of foreign infiltration and manipulation risks, especially in emerging technology supply chains.
Fortifying supply chains from escalating threats
A year has passed since the pager attacks, and so far, nothing has competed in scale or impact. Nevertheless, there have been potential occurrences of drone headsets installed with explosives, as well as Ukraine’s Operation Spiderweb, which leveraged supply chain infrastructure to reach far inside Russian territory. Cyber warfare continues to evolve and find new means to achieve objectives, with many organizations knowingly, or unknowingly, caught in the crossfire. In this tumultuous environment, there are several steps organizations can take to build resilience:
1. Know your supplier: Supplier due diligence takes on even greater importance, not just for direct vendors but across your entire supply chain. With single instances of cyber vulnerabilities streaming down entire supply chains, this requires enhanced visibility across whole ecosystems.
2. Supply chain security risk assessments: Data from interos.ai found that 99% of indirect suppliers for S&P 500 companies have ties to at-risk or restricted entities. Technology firms on restricted lists represent a more probable pathway to hardware infiltration, warrant heightened alert, and should be treated as such. Understanding which companies in your supply chain pose national and economic security risks is critical.
3. Restriction tracking: Monitoring restricted entities is notoriously challenging, as no single consolidated list across all U.S. and international organizations exists. Working with a partner that provides real-time tracking and maps restrictions to your supply chain can deliver the visibility needed to understand both regulatory exposure and potential threats. Companies on these lists don’t just pose a regulatory risk; they may also serve as vectors for data interdiction or outright sabotage on behalf of adversaries.
Securing supply chains against weaponization
In today’s tenuous geopolitical environment, technology supply chain infiltration has turned into a growing supply chain security risk. As geopolitical tensions continue to rise, the question isn’t if infiltration will occur again – but when. Supply chains are now on the frontlines of geopolitical competition, leading to significant regulatory and security shifts. These emerging threats make a reassessment of supply chain security efforts, and a reprioritization of resilience through entire ecosystems, even more critical. Organizations that fail to internalize these new dynamics expose themselves to greater risks and put themselves at a competitive disadvantage against those that are already on the pathway toward supply chain resilience in this new normal.