The ongoing conflict in the Middle East is rippling across technology stacks around the world.
On Sunday, several AWS data centers in the region were hit by drone strikes, disrupting digital services for days. While the disruption was the result of a direct, physical attack, that won’t be the end of technology consequences as supply chain disruptions and cybersecurity risks are expected to rise.
“The strategic outlook is one of maximum instability, marked by a critical escalation where the conflict is spiraling outward both geographically and functionally,” Flashpoint analysts said this week.
Here’s what CIOs need to know about what might lie ahead, and how they can uphold their key priorities as the conflict continues.
Supply chain disruptions
With supply chains under pressure from ongoing conflict, CIOs can prepare for future issues by being proactive on hardware provisioning.
CIOs should be speaking to their executive teams about anticipated procurement delays, Christie Struckman, VP analyst at Gartner, wrote in an email to CIO Dive. CIOs should be prepared for procurement delays because shipping will need to reroute away from conflict areas.
There will also be order backlogs due to the disruptions, she added, and companies should be monitoring fleet movements, logistics platforms, IoT infrastructure and aviation systems.
“Iran's shift in strategy from purely military retaliation to economic decapitation is evident in the strikes on Saudi Arabia's Ras Tanura oil facility and an AWS data center in the UAE, signaling a profound threat to global energy and technology supply chains,” Flashpoint wrote in their assessment.
CIOs should also be keeping an eye on India, and how the country “decides to navigate its policy position,” said Jessica Lewis McFate, senior director of intelligence operations at Babel Street, due to how many IT services and materials are based in or transit through India.
Increased impact is likely for the semiconductor industry because it has been “trying to shift out of China, and India is taking on a bigger role,” McFate said.
Securing cloud estates
For CIOs with technology capabilities in the Middle East region, the time is now to evacuate critical data and applications, most likely to Europe, Struckman said.
By now, technology leaders should have also activated disaster recovery plans and be “conducting ransomware-recovery and disaster recovery drills at tabletop exercises.” Data center costs are expected to increase due to rising energy prices and the need to implement redundancy or failover plans.
But companies without a Middle East technology presence are not off the hook.
CIOs need to know where cloud providers are keeping their data. While a cloud might give the idea that data “…is ones and zeros in the air, it all is still somewhere, and still on physical servers,” said Chetrice Romero, senior cybersecurity advisor at Ice Miller.
If a CIO doesn’t know where that data is, they need to find out, she said, and reconsider their cloud services if their data is being kept in China or Russia. Other questions to ask, Romero said, include what measures are in place to protect servers, how they are backed up and how often.
Preparing for heightened cybersecurity risks
Since Iran has a well established and effective network of nation state actors, the threat environment is complex amid ongoing hostilities.
CIOs can expect an uptick in cybersecurity attacks and AI-powered phishing attempts, Struckman said. Strengthening identity and access management and examining "scenarios where hacktivist groups prioritize maximum disruption, including ransomware, data theft, destruction actions, and defacement,” will help companies stay alert.
Businesses need to actively test the security measures they already have in place, said Thomas Pace, co-founder and CEO at NetRise, and “testing all of your resiliency and business continuity plans and making sure that you can restore your critical systems for backups in case you get hit with a ransomware attack.”
The heightened risk environment also means companies must audit "everything that’s connected to the internet and make sure that there are no critical vulnerabilities or ways to authenticate into a system that you’re not aware of.”
Making sure cybersecurity basics are covered is especially critical, said Romero, because Iranian hackers are especially good at breaking into systems by picking off so-called low hanging fruit, like exploiting “unpatched systems or default passwords, especially for operational technology systems."
Attacks from Iranian actors “are not always very sophisticated in the nature of their attacks," Romero said. "But a lot of times they’re counting on people’s defenses being inconsistent.”
