Cyber Warfare: Understanding New Frontiers in Global Conflicts
An arms race is developing between those using technology to target adversaries and those using it prevent attacks from succeeding.
COMMENTARY
In recent decades, the nature of warfare between nations has evolved substantially with the integration of offensive cyber tactics. In late 2023, Israel's cyber-defense chief, Yigal Unna, voiced concerns that Iran would escalate the intensity of its cyberattacks on Israeli infrastructure and government agencies. This exemplifies the new reality we live in, where cyber warfare has become a critical domain alongside land, air, and sea tactics in armed conflicts across the world.
The integration of offensive cyber operations alongside conventional military force represents a strategic shift toward what experts call "fifth generation" or "hybrid warfare." The goal is to undermine the adversary using the tools available to achieve political and military objectives. In addition to traditional personnel and weapons, modern hybrid warfare leverages things like weaponized propaganda, election interference, and strategic hacks on critical infrastructure.
Common Forms of Cyber Warfare
One major type of cyber threat targets critical infrastructure like power grids, water systems, transportation networks, financial systems, and government systems. Successfully breaching these can allow adversaries to monitor or control systems that keep societies functioning. For example, Iranian hackers briefly took control of a small dam in New York in 2013 after stealing usernames and passwords. Should control systems or operational networks become compromised, adversaries could shut down essential services or send them into dangerous states. For example, in 2021, Israel was allegedly responsible for a cyberattack on a primary nuclear facility in Iran, which led to a blackout and damage to the region's electricity grid.
Aside from critical infrastructure, security gaps in everyday technologies can be used for strategic advantage during war. For example, reports suggest that poorly configured security cameras in Israel and Palestine are vulnerable to attack from adversaries or supportive hacktivists with basic skills. Access risks range from invasion of privacy through recording private spaces to manipulating feeds for espionage or to incite panic. Adversaries can also introduce wiper malware to destroy or manipulate data and systems permanently.
Another common tactic is the distributed denial-of-service (DDoS) attack, which overloads sites and servers with traffic, crashing them. DDoS attacks can be conducted by botnets — networks of infected devices that flood targets in a coordinated way. By bringing down communication channels and government sites, DDoS attacks sow confusion and hinder a response. The impacts were clear when DDoS attacks disabled key Ukrainian government sites after Russia's 2022 invasion. What can be even more dangerous, however, is when DDoS attacks are used to mislead IT and security teams while cybercriminals operate on compromised systems. In these instances, where cybercriminals are acting undercover during DDoS, the consequences can be doubly impactful.
Finally, cyber espionage represents a significant threat, whether by stealing classified documents or gaining leverage over key figures. The 2020 SolarWinds hack allowed Russia to monitor email communications at major US federal agencies. And control can be exerted by publicizing compromising information obtained through breaches.
Cyber Warfare Impacts
At a tactical level, taking command and communication systems offline hinders coordination between governments and military forces. Jamming signals or crashing networks blinds units from central guidance, hinders intelligence-sharing between allies, and disrupts supply chains.
For civilians, attacks disabling power, water, transportation, and other essential infrastructure directly threaten public health and safety. But aside from the very real and direct physical impact that cyberattacks can have on people, such events can demoralize the public, seed panic, and turn sentiment against wartime leadership already strained to restore services.
At a broader strategic level, infiltrating classified databases provides invaluable intelligence to shape propaganda and psychological operations. The ability to leak stolen data, whether truthful or manipulated, allows less conventionally powerful state and non-state forces to gain influence domestically and internationally.
Protecting Against Cyber Threats
To harden national defenses against the rising tide of cyber warfare, governments must make critical infrastructure security a top priority while keeping sight of the other crucial elements of a resilient security posture.
This includes governments closely monitoring their own systems, updating software, insulating sensitive systems, and enacting strict cybersecurity standards across agencies. Robust threat-intelligence sharing between security bodies and private sector partners is also key.
Tight coordination between government entities, law enforcement, cyber commands, and private sector infrastructure operators allows collective defense against threats. Additionally, all critical infrastructure operators must have comprehensive incident response plans for when sophisticated attacks inevitably occur.
Robust cybersecurity requires securing not just critical infrastructure but also the people who access sensitive systems daily. Government and industry personnel are common targets for intrusions through phishing. Once inside less secure endpoints or accounts, adversaries can escalate access across networks.
Proper workforce cyber hygiene and practices serve as the frontline defense. Comprehensive training for all personnel is essential to cultivate awareness of issues like multifactor authentication and identifying deception attempts. Additionally, adoption and enforcement of open security standards like DNSSEC, TLS, and DMARC bolsters protection across communication channels and access points. The workforce represents a security chain only as strong as its weakest link. By recognizing personnel as penetration pathways, continuous training and culture building are key to resilience.
A New Frontier Gaining Pace
As cyber warfare becomes increasingly intertwined with conventional conflict, its disruption of critical systems and infrastructure will bring immense impacts for governments and civilians alike. As a result, bolstering national cyber resilience will require a unified effort among legislators, security agencies, and private partners.
In reality, an arms race is developing between those leveraging technology to target their adversaries and those developing the technology, processes, and policies to prevent its success. With the introduction of artificial intelligence (AI) to the discussion, not to mention future tech such as quantum computing, the pace of this race will only increase. All governments can do is continue to prepare themselves and their citizens for the reality of a new frontier that will become ever more present in global conflicts.
About the Author
You May Also Like
DevSecOps/AWS
Oct 17, 2024Social Engineering: New Tricks, New Threats, New Defenses
Oct 23, 202410 Emerging Vulnerabilities Every Enterprise Should Know
Oct 30, 2024Simplify Data Security with Automation
Oct 31, 2024