Cybersecurity in times of war: What is really at stake for companies?

We are living in a new era of conflict: silent, invisible, but devastating. Today, when we talk about war, we are not just talking about troops or missiles — we are talking about servers, zero-day vulnerabilities, disinformation campaigns, and ransomware. And at the center of this new front are companies, whether they are direct targets or collateral damage.

Cyber conflicts: from Stuxnet to Ukraine

The Stuxnet malware, which sabotaged Iran’s nuclear program in 2010, was a turning point: for the first time, a cyberattack had a real physical impact. Since then, modern conflicts have included routine cyberespionage, denial-of-service (DDoS) attacks, data destruction and information manipulation.

The war in Ukraine showed its true scope: Hours before the Russian invasion, dozens of Ukrainian entities — banks, ministries, media outlets — saw their systems wiped out by destructive malware. Private companies were directly hit.

Companies as strategic targets

Even when they are not in conflict zones, companies are key pieces in the cyberwar chess game. Why?

• Critical infrastructure: energy, transport, communications, banking, health

• Global supply chains: an attack on one partner compromises the entire network

• Sensitive data: intellectual property, customer data, industrial secrets

• Social and reputational influence: disinformation campaigns or ransomware with public blackmail

This means that any organization — SME or multinational — can be attacked, directly or indirectly, in a context of international conflict.

The scenario in Portugal? Portugal, a member of NATO and the European Union, is not immune. Although it is not involved in active warfare, it has been targeted in geopolitically motivated cyberattacks. Recent examples include campaigns against public institutions, universities and technology companies.

The perception of neutrality does not protect.

What protects is digital resilience: anticipating, monitoring, defending and reacting quickly and effectively. The question is no longer “will we be attacked?” It is now: “When and with what impact?”

At Linkcom, we are closely monitoring this transformation and helping companies from all sectors to prepare. These are the key areas of activity:

1. Continuous Monitoring with SOC (Security Operations Center)

A 24/7 active SOC allows you to detect anomalous behavior in real time and mitigate attacks before they cause serious damage.

Linkcom Service: SOC managed by a specialized team and integrated SIEM technology.

2. Audits and Risk Assessments

Assessing the attack surface, identifying vulnerabilities and simulating intrusion scenarios is essential to define priorities.

Linkcom Service: Technical audits, intrusion tests and cybersecurity maturity assessments.

3. Incident Response and Continuity Plans

Having a well-defined response plan can dramatically reduce the operational and reputational damage from a cyberattack.

Linkcom Service: Personalized incident management plans and specialized support in critical situations.

4. Training and Awareness Raising

The human factor remains the weakest link. Continuous training is an essential line of defense.

Linkcom Service: Awareness programs, phishing simulations and e-learning adapted to each organization.

It's not just a question of technology. It's a strategic question.

Digital warfare is a reality that goes beyond IT departments. It is a cross-cutting risk that must be addressed at top management level.

Today, investing in cybersecurity isn’t just about protecting servers — it’s about protecting reputation, business continuity, relationships with customers and partners, and even the value of your brand. At Linkcom, we help build that resilience. Because true security starts before the attack.

Talk to us. Strengthen your company's cyber defense.