In-depth

What is cyber warfare?

We explain what cyber warfare is and why you need to pay attention to the threats posed

Cyber warfare, as its name suggests, refers to the use of technology to attack a nation's computers or information networks, causing harm comparable to actual warfare - be it damage, death or destruction.

Although there are vanishingly few examples of real-world cyber warfare, it's becoming a growing concern for many. Governments are becoming increasingly aware that we are now reliant on computer systems to run everything from financial services to transport networks, and that an attack against these systems could be just as damaging as a traditional military campaign using troops armed with guns and missiles.

In the UK, for example, the British army has announced a dedicated cyber warfare division, and reports claim it's even considering scrapping its fleet of Challenger 2 tanks in order to dedicate defence funds towards cyber, space, and other emerging military technologies.

Unlike standard weapons of destruction, cyber warfare is harder to trace, as elements like malware can be embedded into a system secretly. Often, state-sponsored attacks go unclaimed, leaving room for speculation. Then there are the occasions when hacking groups admit their crimes, but the problem is that they're never "officially" linked to a particular state.

Is anyone under cyber warfare attack?

The answer, if you go by the dictionary definition, is an unequivocal yes. Along with most Western countries, there are concerted cyber attacks daily against government organisations and enterprises alike. But are we engaged in a cyber war? Not according to the 'clear and unambiguous' attribution requirement.

We know that Russia and China are developing cyber weapons to use in any future cyber conflict, and the US, France and Israel are just as active as nation states leading the way in this endeavour. But that doesn't mean we can say any of these countries are using them, although we know they have the capability and have done so in the past. Stuxnet, for example, was a joint venture between Israel and the USA to destroy Iran's nuclear programme capability.

What weapons are used in cyber war?

The tools of destruction used in cyber attacks bear some resemblance to weapons commonly used in other criminal attacks, in that they produce the same effect.

For example, botnets that exist to launch distributed denial of service (DDoS) attacks can target critical services and cripple entities digitally, or may even serve as a diversion from other malicious cyber activities, such as attempts to infiltrate the network. Spear phishing and social engineering are also deployed in order to get cyber criminals closer to the targeted systems. Threats from the inside pose a significant risk for organisations hoping to safeguard their systems against intruders, and are highly potent as far as hackers are concerned, allowing them to directly expose a network to a threat, or allowing a group to steal sensitive data.

One useful example of how multiple layers of attack can be used to great effect is Stuxnet, which was first encountered ten years ago. An employee situated inside an Iranian nuclear power site inserted a USB stick embedded with the Stuxnet worm, either knowingly or unknowingly, into an air-gapped system. Using multiple zero-day exploits, this malware searched for specific software running centrifuges, and commanded them to spin dangerously fast and then slow for a period of months without being detected. These centrifuges eventually broke and more than 1,000 machines were rendered useless.

The attack was never successfully blamed on any known party, although it’s thought that this cyber weapon was created jointly between the US and Israeli military entities. While neither nation has denied the charge, it’s also alleged Stuxnet was played as part of a showreel at the retirement party of the head of the Israeli Defence Force (IDF).

Other examples of cyber warfare

While Stuxnet is one of the best examples of cyber warfare in action, there are other significant events that can be attributed to state-level attacks.

One recent example comes from Russia - a country that has been accused of many and various state-level cyberattacks. Russia is accused of mounting multiple cyber attacks against Ukraine, including the BlackEnergy attack that cut the power to 700,000 homes in the country in 2015 and the NotPetya malware, which masqueraded as ransomware but was in reality designed purely to destroy the systems it infected.

North Korea, which has been generating headlines over its nuclear posturing and turbulent diplomatic relationship with the US, has also been active in cyber space. According to researchers, the North Korean state has been linked to the prolific and dangerous hacking organisation codenamed HIDDEN COBRA, also known as the Lazarus Group. Both the Sony hack of 2014 and the hack of a Bangladeshi bank in 2016 were pinned on these hackers.

More recently, reports in January 2020 claimed a cyber attack on the United Nations (UN) was the work of state-sponsored hackers. The attack saw hackers compromise at least 40 servers at UN offices in Vienna, Geneva and the UN Office of the High Commissioner for Human Rights.

Cyber attacks and hybrid warfare

Increasingly, cyber attacks are being seen as an aspect of what's known as hybrid warfare. As explained by The Conversation, the term hybrid warfare is somewhat ill-defined and has changed in meaning over the past ten years or so since it came into use. Increasingly, however, it's used to describe the typical cyber warfare practices laid out here alongside efforts to disrupt democratic processes.

For example, in the run-up to an election, "Group A" may engage in efforts to alter sentiment through channels like social media while simultaneously targeting the websites of its main competitors, "Group B" and "Group C", with DDoS attacks or cyber vandalism.

Often, it won't be Group A itself that engages in these activities, but instead it will outsource to companies that specialise in the spreading of disinformation and hackers for hire. This makes it more difficult to trace back.

This is a tactic also seen in state-sponsored cyber attacks, where countries claim an attack originates from "patriotic hackers" acting on their own terms without any persuasion or reward from the state.

Indeed, when it comes to nation states, we can see another aspect of hybrid cyber warfare when cyber attacks are carried out alongside "kinetic attacks", which is to say traditional warfare tactics like bombs. This is similar to when, in the past, saboteurs would target critical infrastructure ahead of an invasion, only now the attacks can happen remotely.

False flags

The only cyber weapon that is perhaps even more dangerous and disruptive than the zero-day is the false flag. We know that, for example, the attack by the so-called 'Cyber Caliphate' claiming to be affiliated to ISIS on a US military database was a false flag operation by the Russian state-sponsored hacking group APT 28. Why does this matter? Because the US retaliated with kinetic attacks on cyber communication channels and drone strikes against human targets in Syria. 
