KSG Exec Brief: Attacks in Israel and Regional Escalation Risk
Tragedy and terror may lead to a war with increasingly regional dimensions
Security teams should immediately review business continuity plans and focus on supporting regional staff, while preparing for crisis escalation and wider operational disruptions.
The immediate consequence of the horrific Hamas attacks in Israel is war in Gaza, as the IDF conducts strikes presaging a ground invasion. Travel in and out of Israel will be increasingly constrained, as nations urge citizens to leave the country and organize repatriation flights. Already, some firms have told their Israel-based teams to work from home and banned regional travel, as they activate Business Continuity/Disaster Resilience plans.
As military operations commence, diplomatic efforts will intensify to prevent the outbreak of wider hostilities. Israel is mobilizing 300K reserves and moving to a war footing, while the U.S. is deploying two carrier strike groups (and other special operations and expeditionary forces) to the region to deter Hezbollah and its Iranian supporters. While these strategic efforts aim to prevent further conflict in Israel, battlefield developments, security spirals and accidents in the fog-of-war risk escalation.
Intelligence regarding Iran’s precise role in instigating or directing the attack is still ambiguous, but recent reports indicate Iran has been working to better coordinate its proxies and prepare them for a “war with Israel”. The extent of culpability beyond Hamas may dictate the scope of Israel’s response and kinetic escalation.
At this point, highly destructive but localized conflict is inevitable in the Gaza Strip. There is still a chance of avoiding a wide regional war with catastrophic casualties and global repercussions, but that risk is material.
Current Cyber Risk Assessment: Minimal (mainly hacktivism, DDoS attacks, and web defacements targeting government services)
The primary risk to enterprise security comes from the conflict’s effects on personnel and third parties through military mobilization, other national service, or family-related disruptions.
KSG assesses that this conflict is unlikely to change cyber threat actors’ motivation or intent to target multinationals operating in the region.
KSG has seen no evidence of cyber effects or notable changes in Iranian state-backed cyber activity related to this conflict.
We have noted active disinformation efforts by many parties (e.g., some old anti-Iran accounts are now active again). These groups have falsely repurposed old videos and videos from other countries to make claims about the current conflict.
We assess that some hacktivism campaigns are likely to increase, but will remain only a nuisance as groups primarily use DDoS attacks on public and private infrastructure organizations’ websites. Some of these are pro-Russian groups which gained notoriety in the Russia-Ukraine war.
If the conflict escalates beyond fighting between Israel and Hamas to include other regional actors, firms’ primary risk is to the physical safety of personnel and destruction of assets.
As a result, firms should immediately review and revise, if necessary:
Policies for in-country personnel (especially security-relevant staff) relating to: WFH, military mobilization, and PTO flexibility for family support.
Policies for staff that limit/ban business travel in the region.
Companies should afford employees in the area an abundance of compassion and grace on their availability to meet the demands of the workplace.
Finally, firms with a significant regional exposure should:
Activate crisis management groups.
Review and activate Business Continuity and Disaster Recovery plans for Israel and regional operations.
Examine supply chain dependencies and customer impacts, including to third-party service providers and support vendors.
Fortify web-facing applications to prevent DDoS attacks (Akamai, Cloudflare).
Given the fast-moving nature of this conflict and the unfortunate potential for escalation, security leadership must remain agile, informed, and responsive to executives and impacted staff.
For more information or assistance on these issues, please reach out to firstname.lastname@example.org.
US, EU to Team Up on Steel Tariffs: A proposed joint tariff zone – in part designed to resolve trade disputes between Washington and Brussels – would impose duties of 10 and 25 percent, respectively, on aluminum and steel imports from non-market economies like China.
Finland Investigating Possible Sabotage of Sub-Sea Pipeline: The Baltic Connector pipeline, which supplies gas from Estonia and also carries telecoms links, was damaged by “external activity,” the country’s president stated.
IMF Releases World Economic Outlook: The organization raised growth prospects for the US slightly since the summer, lowering them slightly for the EU, while overall global growth is expected at three percent. Slower manufacturing and central bank tightening were blamed for economic headwinds.
China-Backed Hackers Exploiting Atlassian Vulnerability: Microsoft claims the group has been attacking Confluence Data Center and Server products since mid-September. Customers were urged to upgrade immediately, or isolate vulnerable Confluence applications from the public internet until they can do so.
Details of the Largest Ever DDoS Attack Emerge: Major firms Google, Amazon, and Cloudflare claim the attack abused a feature meant to speed up page loading, which allows hundreds of thousands of simultaneous, automated requests to a website over a single connection, overwhelming servers and taking them offline.
Israel-Gaza Conflict Revives Cyber Actors: A sophisticated suspected Israeli government hacking group re-emerged after a yearlong absence, while a flurry of hacktivist groups on both sides of the conflict have knocked websites offline and triggered false alarms.
Strategic and Emerging Tech
Engineers Make Desalination Breakthrough: The device circulates seawater using solar heat, evaporating the water and leaving salt behind. The resulting water vapor can then be condensed and collected as pure, drinkable water – a process that could produce drinking water more cheaply than tap water.
Researchers Using AI to Predict Viral Variants: The model forecasted the effects of gene mutations on human diseases, and was validated with historical COVID data. The tool could revolutionize vaccine development, surveillance of potential pandemic viruses, and facilitate quicker public health decisions.
The Quest for Magnets Without Rare Earths: Neodymium magnets will continue to dominate the market in the short term, with China the dominant player. Longer term, however, the most promising alternatives are “hard” ferrites – which are more environmentally friendly and more broadly available.
SEC Investigating MOVEit Mass Hack: The commission is pursuing a fact-finding inquiry into Progress Software in response to the breach, which exposed the data of over 64 million people, impacted over 2,500 organizations, and sparked class-action suits.
Guide to Proposed Outbound Investment Regulations: Researchers test existing and hypothetical scenarios where US investments in China’s AI ecosystem would or would not be covered under the proposed program, and highlight outstanding challenges.
US Restricts Trade with 42 Chinese Companies over Russia Ties: The entities were suspected of supporting Moscow's military and defense industrial base, including supplying it with US-origin integrated circuits for precision guidance systems in missiles and drones launched against civilian targets in Ukraine.