Cyberwarfare is real. Governments around the globe are gearing up for it. Here’s is what you need to know.
What is cyberwarfare?
Simply put, cyberwarfare involves digital attacks by nation/state-sponsored hackers on the networks, systems and data of another state, with the aim of creating damage, disruption and destruction. That might involve destroying, altering or stealing data, or making it impossible to access online services, whether they are used by the military and broader society. These digital attacks may also be designed to cause physical damage in the real world–such as breaking into a factory control system to create a chemical spill.
Such attacks can form part of a more traditional military campaign, fighting alongside cavalry using conventional weapons like guns and missiles or be used as a standalone attack.
Some elements of information warfare (including online propaganda and disinformation) can also be included in the broader definition of cyberwarfare.
One important thing that needs to be mentioned here is that cyberwarfare have no internationally agreed legal definition and there are no clear rules that specifically refer to it. But that doesn’t mean the concept isn’t covered by international law, or that it is not given any importance. Among western states there is a general consensus that an online attack on a nation/state can–if it is severe enough–be the equivalent of an armed physical attack.
NATO has, for example, updated its ROE so that a digital attack on one of its members state could be considered an attack on all of them–triggering its collective defence clause. Increasingly it is seen as another potential battlefield alongside land, sea, air and space.
However, there’s another question here. Correctly attributing blame for attacks is a big problem; it’s very hard to work out which nation launched the attack in the first place: while there has been improvement in digital forensics, attackers are also adept at leaving false clues in their code, which may lead in entirely the wrong direction.
How does it work?
Just like normal warfare, cyberwarfare aims to further the goals of a nation state. Typically electronic ‘weapons’ are used to attack computers and networks that are involved with sensitive resources of that nation’s rivals.
The types of attack could vary wildly, from bespoke code that will only work against one particular target, through to DDoS (Distributed Denial of Service) attacks, phishing, hacking and viruses.
Once succeeded you (referring to the attacking state) can then read privileged information not meant for you (it comes under cyber espionage) that you could exploit to gain advantage over your rival. You could learn the top speed of a missile and build a plane that can outrun it. You could get information on your target’s troops movement and set up an ambush. You could learn about which scientists are important to developing those weapons, or which congressmen were instrumental in getting funding for said systems and defraud them by getting to their various system/network accounts and pretending as them. Or you could use the information you’ve gained to get leverage over them and force them to work for you (i.e. blackmail them with info you found on their computer, kidnap their families with stuff you learned from their email, etc.).
As I mentioned above, there is no internationally agreed legal definition of cyberwarfare, hence why some considers cyber espionage (using the internet to infiltrate and steal state and industrial secrets) to be a part of cyberwarfare, others argue that it’s not as cyberwarfare is more interested in industrial control and Scada systems although they do agree that there is much overlap between the two.
You can also sabotage people if you have control of those systems. You can sneak a secret program into the source code of that missile that would allow you to remotely detonate it in its silo. You can gain access to the communication network of target’s troops and confuse them and then sneak forces in to destroy them. This is just the tip of the iceberg there are a whole lot of other things that can be done, but I think this is enough to give you an idea of what’s possible.
For some, the cyberwar era began in ’07, with a coordinated attack on Estonia (a small country in Northern Europe). The attack–which disrupted banks, newspapers & broadcasters, government services and more–was sparked by plans to move a Soviet war memorial, and, although inconvenient, was not cyberwar, according to one resident.
For others, the modern cyberwarfare era began with ‘Operation Olympic Games’ a US-Israeli attack (although they have never confirmed this) on the Iranian nuclear facilities in ’10, which used the Stuxnet malware to cause malfunctions in centrifuges that were being used in the programme. It’s also entirely possible that there have been early cyberwarfare operations that we don’t know about as they still remain classified.
Which countries are preparing for cyberwar?
Pretty much every single nation with the necessary resources is investing in cyberwarfare and cyberdefence capabilities. The most advanced countries are generally considered to be the US, China, Russia, the UK, Israel, Iran and North Korea.
The use of cyberwarfare tactics by the US is the most well documented. Apart from Stuxnet, US is also believed to have used various forms of cyber weapons against the North Korean missile tests and the so-called Islamic State, with mixed results. In 2016, Robert Work (US deputy secretary of defense at the time) said of US efforts against ISIS: “We are dropping cyberbombs…We have never done that before.”
US Cyber Command, one of the eleven unified commands of the United States’ DoD, unifies the direction of cyberspace operations, strengthens DoD cyberspace capabilities, and integrates and bolsters DoD’s cyber expertise.
The US has long warned that Russia has a “highly advanced offensive cyber program” and has “conducted damaging and/or disruptive cyber attacks, including attacks on critical infrastructure networks”. Similar warnings have also been issued about China, in a 2018 annual report to Congress, DoD said that China is looking to narrow the gap with the US in terms of cyberwarfare capabilities.
The UK has also publicly stated that it is working on cyberwarfare and cyberdefence projects, and has vowed to ‘strike back’ if it comes under cyber attack. In April ’18, Jeremy Fleming (director of GCHQ) confirmed that cyberattacks by British intelligence services supported operations against ISIS.
How do you prepare for cyberwar?
Cyberwar isn’t something you’d seek out: but if you’re in charge of a chunk of critical infrastructure of your nation, or run military networks, you’d be advised to watch out for it–and to prepare your defences accordingly.