International Security Journal hears exclusively from Gordon Brebner, Technical Team Lead at Orange Cyberdefense, about the company’s latest documentary, ‘Don’t Go To The Police.’
How does ‘Don’t Go to the Police’ demonstrate the impact that a single cyber-attack can have on an economic ecosystem?
The Coaxis attack is an example of how the vulnerability of a single small business with commonly used software can shake the international economy.
More specifically, it illustrates that a single innocent click in a small company can go on to paralyse a business supporting 350,000 others.
This proves that organisations now need to look beyond their own perimeter and ensure that the third parties they depend on have robust security controls in place where they matter most.
The learning here is that while supply chain security is essential, the term itself hides a dangerous oversimplification.
What we call a ‘supply chain’ is not a line of discrete, manageable links but a dense web of interdependence.
Due to this, companies need to move beyond generic assurance exercises and focus instead on the specific systems, access points and critical services each supplier provides.
The key issue is not whether a supplier appears secure in principle, but whether the controls protecting the most business-critical parts of that relationship are appropriate, effective and regularly tested.
As supply chains become more interconnected, third-party security needs to be treated as a core component of operational resilience, not a separate compliance exercise.
How does the documentary portray cyber-crime as an organised and professionalised global industry?
Proving that cyber-crime is no longer a small-scale operation, the documentary showcases how it functions like a cartel with colossal financial resources, driven by a highly developed and constantly evolving criminal business model.
These groups are often structured like businesses, with departments specialised in malware development, affiliate recruitment and even customer service for victims.
For as long as organisations keep paying the ransom demands, the financial incentives for the criminal groups remain firmly in place.
For instance, LockBit operates as a franchise with a “Ransomware-as-a-Service” model, which allows less technical criminals to launch sophisticated attacks.
For LockBit, this model generated over $500 million.
This underground economy funds complex networks, making dismantling as difficult as traditional cartels.
Such groups bring attention to the role of specialist cyber negotiation firms, which are often brought in to help victims manage the crisis and in some cases, negotiate a lower demand based on their experience with particular threat actors.
These firms can provide valuable support to organisations under significant pressure.
At the same time, there is a broader debate about whether their involvement, even when well-intentioned, can indirectly sustain the cycle of ransom payments.
The concern is that this contributes to an entrenched ecosystem in which both criminal networks and the legitimate advisory services surrounding incidents continue to expand.
How does the immersive investigation into the Coaxis attack reveal the growing complexity and scale of modern cyber-threats?
The Coaxis cyber-incident highlights just how complex and far-reaching modern cyber-threats have become.
Our Security Navigator 2026 data reveals that cyber‑extortion increased by 45% in 2025 and has more than doubled in five years.
What may begin as a disruption to a single organisation can quickly expose interdependencies across supply chains, operations, customer services and brand reputation.
That means large organisations are not simply defending networks; they are managing risk across ecosystems of suppliers, partners, platforms and critical business processes.
More broadly, incidents like this show that cyber-resilience now matters as much as cyber-defence.
The key question is no longer just whether an attack can be prevented, but how effectively an organisation can respond, contain disruption and recover while maintaining trust among customers, employees and stakeholders.
What role does AI play in accelerating cyber-crime, according to the documentary’s findings?
The documentary spotlights how AI has increased phishing attacks 50-fold.
GenAI has proven capable of crafting convincing phishing messages and generating synthetic voices and videos that deceive victims.
All of this is making detection increasingly complex for the human brain.
Beyond the risks from phishing messages detailed in the documentary, AI is also automating attacks.
This reduces the skill level required by threat actors to execute them.
Similarly, autonomous AI botnets are bypassing traditional security systems by mimicking legitimate traffic.
To stand a chance, company safeguards must be updated to keep up with the latest capabilities of digital threats.
Can you explain how the documentary highlights the connection between cyber-crime and broader geopolitical strategies aimed at destabilising societies?
It’s a documented reality.
Our experts show how some groups operate with the tolerance or protection of certain states.
These networks serve as informal extensions of geopolitical influences, relying on hacktivists to destabilise economies and democracies.
For example, in 2024, 96% of attacks by a hacktivist group affiliated with Russia targeted only Europe.
These attacks aim not only to disrupt critical infrastructure but also to undermine citizens’ trust in their institutions.
In the current landscape, these cyber sabotage attacks, whether carried out by states or by non-state actors being supported by states, illustrate the transformation of cybersecurity into an instrument of sovereignty, dissuasion and indirect warfare.
The ability to conduct these operations, all while avoiding open escalation, is becoming a powerful weapon in global competition.
In this context, offensive cyber-operations are no longer limited to one-off actions but are becoming integrated elements of a hybrid strategy. Key to this strategy is intimidation, destabilisation and intelligence gathering.
What is one thing you would like people to take away from ‘Don’t Go to the Police’?
This documentary aims to shed light on the reality of organised cyber-crime. To recognise that cybersecurity is a critical societal issue.
The goal is to trigger collective and individual awareness so that everyone adopts digital hygiene practices to strengthen our defenses against this threat.
