How Modern Warfare Affects Small and Medium-Sized Businesses – And What You Can Do to Protect Yourself

Why Modern Wars Will Be Fought With and Through Small and Medium-Sized Businesses

In today’s digital and geopolitical reality, information and digital infrastructure are as valuable as traditional weapons and ammunition. Small and medium-sized enterprises (SMEs) form the backbone of Europe’s economy. At the same time, they have become the primary targets and weak links in modern hybrid warfare. Nation-state actors no longer rely solely on military force. Instead, they combine cyberattacks, disinformation, and economic sabotage to achieve strategic objectives without triggering full-scale conventional war. This is where cyberattacks against businesses enter the picture as a central component of hybrid warfare.

Many business owners wonder why cybersecurity for small businesses has become so critical. The answer lies in the fact that SMEs often lack the resources that large corporations have, while simultaneously handling sensitive data and serving as subcontractors in complex supply chains. According to recent reports, small businesses have seen a 188 percent increase in cyber extortion over the past year. This makes it clear that ransomware targeting small businesses and data breaches at SMEs are no longer exceptions but a growing part of the modern threat landscape. In this guide, we walk through the fundamentals: why businesses are central to hybrid warfare, concrete examples of breaches, and practical advice for strengthening IT security for small and medium-sized businesses.

What Is Hybrid Warfare and How Does It Affect Small and Medium-Sized Businesses?

Hybrid warfare involves a mix of military, economic, information, and cyber operations aimed at creating disruption and weakness in an adversary without direct confrontation. The cyber dimension is particularly effective because it is cost-efficient, difficult to trace, and can be directed straight at civilian targets like businesses. For SMEs, this becomes especially tangible as they often serve as gateways to larger systems.

Small and medium-sized businesses are perfect targets for several reasons. First, they typically have limited security resources and often lack a dedicated IT security department. Second, they occupy critical supply chain positions as subcontractors to large enterprises, government agencies, and critical infrastructure. An attack on a small company can therefore provide access to the entire chain through so-called supply chain attacks. Third, businesses handle valuable information such as customer data, financial records, and trade secrets, making them attractive for both espionage and extortion.

“Why would they attack me? I work alone.” Many sole proprietors and small consultancies make the mistake of thinking they’re uninteresting to nation-state actors. But in hybrid warfare, you’re never too small to be a “stepping stone.” By hijacking your email or system, an attacker can impersonate you and contact your clients – who might hold key positions in defence, the energy sector, or government. In this scenario, you’re not the end target but the key that unlocks the door to something much bigger.

The fundamental principle behind all cybersecurity remains the CIA triad: confidentiality, integrity, and availability. In hybrid warfare, however, resilience is added – the ability to quickly recover and continue operations despite an attack. Many businesses that fall victim to cyberattacks realise too late that poor IT security for small businesses can lead to major consequences for both the economy and society.

Why Are Small and Medium-Sized Businesses Central to Modern Wars and Hybrid Warfare?

State-sponsored actors see SMEs as low-hanging fruit in the digital battlefield. Supply chain attacks are a growing threat because they provide indirect access to major clients without attacking them directly. An example is attacks via managed service providers or software vendors that affect many businesses simultaneously. Economic disruption is also central: a successful cyberattack can halt production, create unemployment, and undermine societal stability.

Geopolitical tensions, such as the conflicts in Ukraine and increasing tensions between major powers, spill over into the cyber domain. Businesses with connections to critical sectors like energy, transport, and manufacturing are often hit first. Statistics show that small and medium-sized businesses are up to 60 percent more vulnerable than large organisations, yet they have only a tenth of the security budget. Many attacks combine criminal financing with strategic objectives from state actors.

Awareness of cybersecurity for small businesses has increased, but many companies remain poorly prepared. According to surveys, 40 percent worry about cyber threats, and half report insufficient preparedness.

Examples of Breaches and Real Consequences for Businesses

To illustrate the threats, it’s valuable to look at concrete examples of breaches that have affected businesses and supply chains. A clear case is the ransomware attack on IT provider Miljödata in autumn 2025. This small to medium-sized company was hit by a comprehensive attack that affected around 200 municipalities and regions. The attack demonstrated how a supply chain attack via an SME vendor can knock out critical public services and cause massive disruption throughout the chain.

Another example is the Nordic IT giant Tietoevry, hit by a ransomware attack in 2024. Although the company itself is large, many of their clients – including smaller businesses and municipalities – were affected with operational downtime and financial losses. This underscores how cyberattacks on businesses in the supply chain can ripple outward like waves.

An older but still relevant example is the Kaseya attack in 2021, which indirectly shut down Coop supermarkets in Sweden. Hundreds of stores were forced to close because their point-of-sale systems stopped working – a classic example of how an attack on a vendor affects many retail businesses. These cases show that data breaches at small businesses and ransomware targeting SMEs are not hypothetical threats but reality that can strike anyone.

Consequences of Cyberattacks Against Businesses

A successful attack can lead to several serious consequences for small and medium-sized businesses. Ransomware can lock systems and demand payment, data theft enables espionage or sale on the dark web, and DDoS attacks can halt operations entirely. Reputational damage and lost customer trust are often the most long-lasting effects.

The EU’s NIS2 directive expands cybersecurity requirements to more businesses than ever before. Fines can reach millions of euros, and in a hybrid warfare scenario, the consequences can be existential for a business. Many companies don’t realise that an attack doesn’t just cost money – it can threaten the entire operation. It’s also important to understand what data protection actually means in practice.

Special Vulnerability for Startups and Tech Companies

Certain types of businesses are especially attractive targets in a hybrid warfare context. This particularly applies to startups and tech companies working with IT services, drone technology, critical software, or emerging technologies. There are several reasons these businesses are in the crosshairs:

1. Valuable IP (Intellectual Property): Startups often possess unique algorithms, blueprints, or prototypes that nation-state actors want to steal to give their own industries an advantage or to understand an adversary’s future capabilities.
2. Rapid growth before security: In young companies, fast development and market launch (“Time to Market”) are often prioritised over rigorous security protocols. This creates vulnerabilities that are easy to exploit.
3. Strategic sabotage: By attacking a country’s technological leaders – for example, companies developing drones or advanced AI – an attacker can slow a nation’s technological development and defence innovation.
4. Gateway to sensitive environments: Tech startups are often deeply integrated into their clients’ networks through cloud services and APIs. A breach at a small but specialised IT vendor can serve as a backdoor into major government agencies or defence industry.

Understanding your role in the larger ecosystem is crucial for tech entrepreneurs. An attack against you is rarely personal – it’s often part of a larger strategic game.

For Businesses With Many Employees: MSSP and Access Control

When a business grows and the number of employees increases, the attack surface expands exponentially. For organisations with many workers, one-off security measures aren’t enough; structured, continuous monitoring is required.

Managed Security Service Provider (MSSP) For most businesses, maintaining an in-house security department around the clock is technically and financially impossible. By partnering with a specialised MSSP, you gain access to a Security Operations Center (SOC) that monitors your systems 24/7. They stay on top of the latest hybrid warfare threats and can act immediately when anomalous patterns are detected – before it becomes a full-scale crisis.

Who Has Access to What? (Identity & Access Management) One of the greatest risks in larger organisations is “over-privileging” – employees having access to systems and data they don’t need for their daily work. In a hybrid warfare context, this is extremely dangerous. If an employee’s account is compromised, the attacker can move freely throughout the entire network (lateral movement).

• Principle of least privilege: Give employees access to only exactly what they need.
• Network segmentation: Divide the network so an incident in one department doesn’t spread to the rest of the company.
• Continuous auditing: Keep strict control of which accounts exist (e.g., after someone leaves) and what privileges they have.

Having a partner who understands these processes and can implement strict access control is the single most important factor in protecting a larger workforce.

How to Protect Your Business Against Modern Warfare Threats

Protection against cyberattacks and hybrid warfare begins with awareness and simple, effective measures that all small businesses can implement. It’s not about advanced technology but about fundamental IT security for small and medium-sized businesses.

Here are some concrete steps:

• Update all systems and software immediately to patch known vulnerabilities.
• Implement multi-factor authentication everywhere to prevent unauthorised access.
• Back up data according to the 3-2-1 rule with at least one offline copy.
• Train all employees to recognise phishing and social engineering.
• Use a zero-trust approach where no access is granted automatically.
• Develop an incident response plan so you know exactly what to do during an attack.
• Consider external help from an IT security partner for continuous monitoring.

By working proactively with cybersecurity for small businesses, you significantly reduce risk and strengthen your resilience in an uncertain world.

Trust and Brand Reputation in Uncertain Times

Customers and partners expect information to be handled securely. A data breach at a business can damage not just the company itself but the entire ecosystem. Investing in IT security for small and medium-sized businesses is therefore not a cost but a strategic survival factor in the era of hybrid warfare. Businesses that demonstrate they take cybersecurity seriously build stronger trust and competitive advantage.

Want help strengthening your business’s cybersecurity against today’s and tomorrow’s threats? Contact Viharnis Team today for a free security analysis.

Viharnis Team – Your partner in IT security and data protection for small and medium-sized businesses.