Enemy Action - The Distinctive Features Of Cyber Warfare

Cyber warfare currently refers to the use of digital attacks, like computer viruses and hacking to take enemy system down. Future wars will see hackers using computer code to attack an enemy's infrastructure, fighting alongside troops using conventional weapons like guns and missiles.

Cyber attacks on a global scale increasingly continue to threaten critical infrastructures, information networks, and digital control systems that fundamentally support our national security and improve our quality of life. Right now, for any government the ability to respond appropriately to a cyber attack in a timely and effective manner has never been more important. 

Unlike traditional military attacks, a cyber attack can be launched instantaneously from any distance, with little obvious evidence of any build-up, unlike a traditional military operation and these attack can often be extremely hard to trace back with any certainty to its perpetrators, making retaliation much harder. Cyber warfare can enable actors to achieve their political and strategic goals without the need for armed conflict. Cyberspace gives disproportionate power to small and otherwise relatively insignificant actors. 

Operating behind false IP addresses, foreign servers and aliases, attackers can act with almost complete anonymity and relative impunity, at least in the short term. 

In cyberspace the boundaries are blurred between the military and the civilian, and between the physical and the virtual; and power can be exerted by states or non-state actors, or by proxy. Cyberspace should be viewed as the ‘fifth battlespace’, alongside the more traditional arenas of land, air, sea and space.

Cyber warfare is best understood as a new but not entirely separate component of this multifaceted conflict environment. 

Warlike actions in cyberspace are more likely to occur in conjunction with other forms of coercion and confrontation. However, the ways and means of cyber warfare remain undeniably distinct from these other modes of conflict. 
However there are similarities between the sea and cyberspace which suggest using maritime warfare theory to help us to begin understanding cyber warfare. 

Maritime warfare, specifically sea control, sea denial, and disputed sea control provide a foundation for understanding cyber warfare. 

Content and code moving in cyberspace have similar characteristics to forces moving from the sea, a fluidity of movement, omni–directional avenues of approach, and the necessity to make ‘shore’ (move to where the human and machines are) in order to be useable. Additionally, the ability to control or deny access, dispute control, and prevent the force 
The intertwining of cyberspace and human activity in the twenty–first century means cyberspace is a linchpin of society's collective life.

It illustrates our dependence on cyberspace for resources, as the primary medium for the spread of information, and decision making. 

The need to appreciate the complexity of cyberspace in peace and war will only increase as authorities drive consumers, employees, and the general populace to cyberspace for communication, work, shopping, banking, entertainment, and war fighting. 

The same methodology can be applied to the discussion here by relating Corbett’s observations on the maritime domain to cyberspace:

  • The normal state of cyberspace is uncontrolled; in conflict control is normally in dispute. 
  • The goal is control of cyberspace; this implies that control from making ‘shore’ for limited amounts of time (the fluidity of control) all speak to injecting the likeness of cyberspace into maritime theory as a way to comprehend the complexities of cyber warfare. 

The challenges of cyber warfare and its complexities extended into the world of politics, questioning deeply embedded assumptions about the primacy of the state, the authority of government and the role of government agencies and the armed forces as providers of national security. Just as nations attempt to deter rivals from attacking in conventional weapons, so countries are developing the concept of cyber deterrence to help to prevent digital attacks from occurring in the first place, by making the cost of the attack too high for any potential assailant. 

One way of doing that is securing and hardening their own computer systems so that is becomes very hard, and very expensive, for any attacker to find weaknesses. Some argue cyber war will never take place; others argue cyber war is taking place right now. Beyond the famous example of Stuxnet pure cyber war operations will remain extremely rare, but already the concept has become absorbed into the broader set of military options that exist, just like other new technologies, such as submarines and aircraft, in the past.

It's possible that cyber weapons may also become a more common feature of low intensity skirmishes between nations because they are capable of causing confusion and chaos but not too much damage. But it's unlikely that a war would ever be fought purely with digital weapons because they are too expensive and hard to control and of limited impact. That doesn't mean cyber warfare is irrelevant, rather that some kind of cyber warfare capability will be part of almost every military engagement from now on.

President Bill Clinton referred to cyber warfare when in 2001 when he said, “today, our critical systems, from power structures to air traffic control, are connected and run by computers” and that someone can sit at the same computer, hack into a computer system, and potentially paralyse a company, a city, or a government.”

  • In the spring of 2007, an unprecedented series of so-called distributed denial of service, or DDoS, attacks struck websites across Estonia, taking down the country’s online banking, digital news media, government sites, and practically anything else that had a web presence. The attacks were a response to the Estonian government’s decision to move a Soviet-era statue out of a central location in the capital city of Tallinn, angering the country’s Russian-speaking minority and triggering protests on the city’s streets and the web.
  • The world’s conception of cyber war changed forever in 2010. It started when VirusBlokAda, a security firm in Belarus, found a mysterious piece of malware that crashed the computers running its antivirus software. By September of that year, the security research community had come to the shocking conclusion that the specimen of malware, Stuxnet, was in fact the most sophisticated piece of code ever engineered for a cyber attack, and that it was specifically designed to destroy the centrifuges used in Iran’s nuclear enrichment facilities.

Governments are becoming increasingly aware that we are now reliant on computer systems to run everything from financial services to transport networks, and that an attack against these systems could be just as damaging as traditional military campaign using troops armed with guns and missiles.

Paul N Cornish / AcademiaWired:       ITPro:      ResearchGate:       ZDNet:     Kings College London:   Image: Unsplash

You Might Also Read:

Cyber Warfare, Intelligence & Malware:

 

« Google Threatens To Leave Australia
Bezos Resigns As Amazon CEO »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Proact IT Group

Proact IT Group

Proact is Europe's leading independent data centre and Cloud services enabler. We deliver flexible, accessible and secure IT solutions and services.

Israel Aerospace Industries (IAI)

Israel Aerospace Industries (IAI)

IAI offers a holistic approach that provides defense forces, governments, critical infrastructures and large enterprises with end-to-end cyber security & monitoring tools.

Arcanum Information Security (AIS)

Arcanum Information Security (AIS)

Arcanum Information Security is a specialist Information Assurance Consultancy and a leading provider of Cyber Security services to UK Defence, UK Government, Enterprise businesses and SMEs.

Comarch

Comarch

Comarch is a provider of IT business solutions to optimize operational and business processes. Cyber security solutions are focused on Identity Management and Security Assessment services.

Computer Forensics Consult (CFC)

Computer Forensics Consult (CFC)

Computer Forensics Consult provides disaster recovery, computer forensics, electronic discovery and litigation support services in the growing area of Cyber Security.

ThirdWatch

ThirdWatch

ThirdWatch is a Data Science company with real-time automated fraud prevention solutions.

GulfTalent

GulfTalent

GulfTalent is the leading job site for professionals in the Middle East and Gulf region covering all sectors and job categories, including cybersecurity.

Secure Recruitment

Secure Recruitment

Secure Recruitment is a specialist Executive Search business that focuses its efforts on attracting specific exceptional talent in Cyber Security.

ThreatGen

ThreatGen

ThreatGEN™ works with your team to improve your resiliency and industrial cybersecurity capabilities through an innovative and modernized approach to training and services.

Green House Data

Green House Data

Green House Data is a managed services provider delivering hybrid solutions to enterprises who need secure IT environments and efficient management of their critical applications and business data.

Krista Software

Krista Software

Krista is an intelligent automation platform that combines iPaaS and Conversational AI to automate complete business processes across your teams and apps.

Beetles Cyber Security

Beetles Cyber Security

Beetles is a crowdsourced penetration testing platform designed to build a trusted, hacker-centric approach to protectan organization’s digital attack surface.

OneStep Group

OneStep Group

OneStep Group are a leading Australian provider of information and communications technology (ICT) services, connecting businesses through technology solutions and support.

Secuvy

Secuvy

Secuvy leads in data security, privacy, compliance, and governance, offering a unified platform for proactive data discovery, management, protection, and enhanced data value.

OmniIndex

OmniIndex

OmniIndex PostgresBC is the only commercial solution allowing you to keep your most sensitive and critical data encrypted while analyzing it. Structured and unstructured.

Veracity Trust Network

Veracity Trust Network

Veracity Trust Network safeguards organisations from the threat of bot attacks on their public facing platforms.