The Emerging Domain Of Cyber War

Cyber warfare is the use of technology to attack a nation's computers or information networks, causing comparable harm to actual warfare, be it damage, death or destruction. It has many advantages as great distances can be crossed in seconds or even less, without the need for planes, tanks, soldiers or ships or satellites and it can be done often without the opponent knowing what is actually happening.

It can take down computer security, knock-out electricity and power systems and can also be used to steal military secrets, engage in propaganda and fake news, which increases the fear and misunderstanding in the population who often don’t know that it is under attack.

There is argument and debate regarding the definition of cyber warfare. There are differing views about what the term cyber war actually means, and some say that there have not been any cyber-attacks that can be described as warfare. 
However, the pace, frequency, and intensity of cyber-attacks are now greater than ever. As the physical realm inevitably merges with the cyber one, forming a new kind of infrastructure, cyber attacks on this infrastructure can have a catastrophic impact on our energy, waste, water, transportation, and telecommunications facilities. 

Most countries are completely under-prepared to protect their people and property against such attacks and it is predicted by Juniper Research that the cost of cyber crimes will exceed $5 trillion over the next five years.

Russia and China are developing cyber weapons to use in any future cyber conflict and the US, France, UK and Israel are just as active as nation states leading the way in these endeavors. The Stuxnet malware was one example of a cyber war attack which was a joint cyber venture between Israel and the USA to destroy Iran's nuclear programme capability. 

What Is Cyber War?

Cyber warfare refers to the use of digital attacks, like computer viruses and hacking, by one country to disrupt the vital computer systems of another, with the aim of creating damage, death and destruction. A shadowy world that is still filled with spies, hackers and top secret digital weapons projects, cyber warfare is an increasingly common, and dangerous, feature of international conflicts. 

Future wars will see hackers using computer code to attack an enemy's infrastructure, fighting alongside troops using conventional weapons like guns and missiles.

Right now the combination of an ongoing cyber warfare arms race and a lack of clear rules governing online conflict means there is a real risk that incidents could rapidly escalate out of control. The state of international relations is dominated by the Coronavirus epidemic, causing big problems for governments and organisations who find they now have to manage numerous  homeworking employees.

The cyber security issues have increased significantly as systems security is now under so much more pressure as employees often ignore their organisations cyber security requirements.

Security compliance is the central nervous system of an organisation’s cyber posture. It disseminates intelligence and coordinates offensive and defensive measures to protect the organisation from foreign intrusion. Using artificial intelligence, security professionals can peel away the complex layers of government and shed light on the underlying infrastructure and its vulnerabilities.

Just like normal warfare which can range from limited skirmishes to full-on battles, the impact of cyberwarfare will vary by target and severity. 

In many cases the computer systems are not the final target, they are being targeted because of their role in managing real-world infrastructure like airports or power grids. Knock out the computers and you can shut down the airport or the power station as a result. Cyber warfare takes place at a speed physical warfare is simply incapable of. It is fast, sudden, and uninhibited by the size of forces, complexity of the terrain, location, or the unity of alliances. Rather than relying on a human force, bad actors use automated minions to wreak havoc. 

The speed at which we detect, analyse, and respond to security incidents will affect who wins this war. Blockchain and AI can be used to accelerate the security process.

  • The blockchain’s shared distributed ledger can be used for storing security events and incidents to provide an immutable source of truth.  
  • AI can analyse that data to predict threats based on patterns and anomalies. Humans may be smarter but robots are faster. If supervised correctly, robots can evolve and execute tasks with less bias, fewer mistakes, and reduced downtime.

The greatest security threats to an organisation are the people who operate it. If security is too complex, people will either avoid or circumvent the process. 

In the future the most likely targets are military systems thereby preventing commanders from communicating with their troops or seeing where the enemy is therefore giving an advantage to the enemy. Education is key to promoting organisational cyber security hygiene. Organisations must build a culture of awareness to respond to any crisis, the organisations must constantly measure, assess, and improve the cyber security maturity model. This can be achieved by using AI to analyse the workforce and make strategic, targeting investments to elevate the workforce’s understanding of security.

AI can be used to identify clusters of people who follow security policies as well as those who take shortcuts. Training resources can then be used in a more efficient, targeted manner.

Most developed economies rely on computerised systems for everything from power to food and transport, many governments are very worried that rival states may target critical national infrastructure. Supervisory control and data acquisition (SCADA) systems, or industrial control systems, which run factories, power stations and other industrial processes, are a big target, as Stuxnet showed.

These systems can be decades old and were rarely designed with security as a priority, but are increasingly being connected to the internet to make them more efficient or easy to monitor. 

But this also makes these systems more vulnerable to attack, and security is rarely upgraded because the organisations operating them do not consider themselves to be a target. Recently Britain’s most senior cyber general Gen Sir Patrick Sanders, who heads the UK’s strategic command said the UK possesses the capacity to “degrade, disrupt and destroy” its enemies’ critical infrastructure in a future cyber conflict, in a rare acknowledgement of the military’s offensive hacking capability. 

As the cyber war arms race escalates, none of the suggested cyber-peace initiatives has gained much traction. Critics point out that cyber-attack motives are hard to define, a cyber espionage or reconnaissance intrusion can often look a lot like a cyberwar attack in progress, and determining the identities of the hackers responsible can often be even harder.

What the world needs now is an international treaty to monitor and restrain the possibilities for cyber earfare.

IT Pro:      Oodaloop:       ZDNet:     Wired:       Guardian:

You Might Also Read:

Cyber Warfare, Intelligence & Malware:

 

« Is Big Tech 'Fixing' The US Election?
Iranian Government Agencies Hacked »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Bulb Security

Bulb Security

Whether your internal red team or penetration testing team needs training, or you lack internal resources and need an outsourced penetration test, Bulb Security can help.

Telos

Telos

Telos offers cybersecurity solutions and services that empower and protect the world’s most security-conscious enterprises.

Datto

Datto

Datto delivers a single toolbox of easy to use products and services designed specifically for managed service providers and the businesses they serve.

Snow Software

Snow Software

Snow Software is changing the way organizations think about their technology investments, empowering IT and business leaders to drive transformation with precision and agility.

Adeptis Group

Adeptis Group

Adeptis are experts in cyber security recruitment, providing bespoke staffing solutions to safeguard your organisation against ever-changing cyber threats.

SharkGate

SharkGate

SharGate provide a cloud-based website security solution to protect websites from being hacked.

Tukan IT

Tukan IT

Tukan IT provides a data classification and protection solution.

Hellenic Accreditation System (ESYD)

Hellenic Accreditation System (ESYD)

ESYD is the national accreditation body for Greece. The directory of members provides details of organisations offering certification services for ISO 27001.

ISMS Accreditation Center (ISMS-AC)

ISMS Accreditation Center (ISMS-AC)

ISMS-AC is the national accreditation body for Japan. The directory of members provides details of organisations offering certification services for ISO 27001.

CUJO AI

CUJO AI

CUJO AI is the global leader in the development and application of artificial intelligence to improve the security, control and privacy of connected devices in homes and businesses.

Binary Security AS

Binary Security AS

Binary Security is a Norwegian information security consultancy company. We are specialists at application security, penetration testing and secure code reviews.

Microminder Cyber Security

Microminder Cyber Security

Microminder Cyber Security are innovators, advisors, strategists committed to solving your cyber security challenges.

Purple Team

Purple Team

Purple Team is an expert cybersecurity and managed security service provider focused on arming your IT infrastructure with both red team and blue team services.

ShellBoxes

ShellBoxes

ShellBoxes are a leading Web3 company focused on providing top-notch blockchain security and development services.

SIGLA Group

SIGLA Group

SIGLA Group specialize in the design and development of IT and OT solutions, from analysis to design, from implementation to commissioning, as well as consultancy, training and assistance.

Ampsight

Ampsight

Ampsight specializes in enabling cloud integration, securing data, and navigating complications that drive critical-mission success.