Cyber warfare refers to the use of technology to launch attacks on nations, governments, and citizens, causing harm comparable to that of actual warfare using weaponry. To date, there hasn’t been an outright “cyberwar” with declared antagonists; however, a number of incidents that have caused serious disruption to countries’ infrastructure are suspected of having been carried out by another state.
Cyberwarfare refers to the use of digital attacks like computer viruses and hacking by one country to disrupt the vital computer systems of another, with the aim of creating damage, death and destruction. Future wars will see hackers using computer code to attack an enemy’s infrastructure, fighting alongside troops using conventional weapons like guns and missiles.
Cyberwarfare can take many forms, including:
- viruses, computer worms, and malware that can take down water supplies, transportation systems, power grids, critical infrastructure, and military systems;
- denial-of-service (DoS) attacks, cybersecurity events that occur when attackers take action that prevents legitimate users from accessing targeted computer systems, devices or other network resources;
- hacking and theft of critical data from institutions, governments and businesses;
- ransomware that holds computer systems hostage until the victims pay the ransom; and
- advanced persistent threat (APT) attacks on infrastructure, which can devastate a country. For example, attacks on a nation’s utility systems can wreak havoc by causing widespread power outages, but an attacker with access to hydropower grids could also conceivably cause flooding by opening dams.
Cyberwarfare involves the following attack methods:
- Sabotage: Military and financial computer systems are at risk for the disruption of normal operations and equipment, such as communications, fuel, power and transportation infrastructures.
- Espionage and/or security breaches: These illegal exploitation methods are used to disable networks, software, computers or the Internet to steal or acquire classified information from rival institutions or individuals for military, political or financial gain.
Examples of cyberwarfare
The earliest instance of a nation waging cyberwar was the Stuxnet worm, which was used to attack Iran’s nuclear program in 2010.
Nation-state actors are believed to be behind many other cyberwarfare incidents. For example, in March 2014, the Russian government allegedly perpetrated a distributed denial-of-service attack that disrupted the internet in Ukraine, enabling pro-Russian rebels to take control of Crimea.
A 2015 attack on the German parliament, suspected to have been carried out by Russian secret services, caused massive disruption when it infected 20,000 computers used by German politicians, support staff members, and civil servants. Sensitive data was stolen, and the attackers demanded several million euros to clean up the damage.
In December 2016, more than 230,000 customers in Ukraine experienced a blackout, the result of remote intrusions at three regional electric power distribution companies. The attack was suspected to originate from Russia. The perpetrators flooded phone lines with a DoS attack and also used malware to attack and destroy data on hard drives at the affected companies.
On August 2, 2017, President Trump signed into law the Countering America’s Adversaries Through Sanctions Act (Public Law 115-44) (CAATSA), imposing new sanctions on Iran, Russia, and North Korea.
In 2018, variations of malware known as Shamoon struck businesses in the Middle East and Europe. McAfee’s Advanced Threat Research concluded that the Iranian hacker group APT33, or a group masquerading as APT33, is likely responsible for these attacks.