Hacktivism will continue to escalate, intensifying the visibility of hybrid warfare
In 2026, we will see hacktivism continue to become more pervasive and consequential. This expansion is characterised by an emerging trend that we call escalatory hacktivism, where groups align with state‑backed narratives and contribute to their host state’s hybrid warfare efforts. That strategic focus, coupled with chasing the ‘cyber‑dragon’ of infamy, has pushed contemporary hacktivist groups toward attacking operational technology environments, including those within critical infrastructure.
Historical attacks following this trend have varied in impact. While some claimed successes have been exaggerated or fabricated, the underlying intent remains, and capabilities are expanding. We anticipate a further increase in both frequency and severity of attacks on critical infrastructure, with more pronounced physical effects. Defenders currently contend with IT‑based ransomware from cybercriminals and state‑driven prepositioning or espionage, but they must prepare for a diversification of attacks from hacktivist groups that emphasise overt disruption.
Cyber extortion will continue to surge, cementing itself as a societal threat
In 2026, cyber extortion will continue to solidify itself as a major societal threat – no longer a concern primarily for businesses alone. Our new Security Navigator report found that the number of Cy-X victims has nearly doubled since just last year, increasing by 44.5%, and we can expect to see this trend continue in 2026. Cybercriminals are increasingly targeting more vulnerable victims, like small businesses without substantial cybersecurity budgets, as well as seeking to disrupt the critical national infrastructure that our societies depend upon.
Against this backdrop, I expect that the traditional perception of the ‘supply chain’ as linear will increasingly become recognised as obsolete in 2026. The reality of our supply chains is that they are a dense web of interdependence, and any small weakness can be the catalyst for a large-scale attack. Next year, we will continue to see new regulations emerge that seek to defend our supply ‘webs’, such as the Cyber Security and Resilience Bill in the UK. The emphasis will increasingly be on accountability, incident reporting, and third-party risk management – all with the goal of building resilience into our supply ‘webs’.
Cybercrime will continue to fragment
The fragmentation of the cybercrime landscape will continue to accelerate next year. Previously, a single dominant group defined the landscape. Now, several actors are sustaining large-scale operations; our new Security Navigator report found the number of distinct actors nearly tripled during 2024-2025. Far from signalling decline, the takedown of dominant groups has simply resulted in the redistribution of activity among various successors and emerging actors, further expanding the cybercrime landscape.
As this trend of fragmentation continues, the only way we can rise to the challenge and defend against the threat of multiple highly productive actors is through unprecedented global collaboration. In 2026, I expect we will see an uptick in global initiatives and public-private partnerships, ushering in a new era of knowledge to rival that of cybercrime actors.
The post Hacktivism will continue to escalate, intensifying the visibility of hybrid warfare appeared first on European Business & Finance Magazine.
