The Emerging Domain Of Cyber War

Cyber warfare is the use of technology to attack a nation's computers or information networks, causing comparable harm to actual warfare, be it damage, death or destruction. It has many advantages as great distances can be crossed in seconds or even less, without the need for planes, tanks, soldiers or ships or satellites and it can be done often without the opponent knowing what is actually happening.

It can take down computer security, knock-out electricity and power systems and can also be used to steal military secrets, engage in propaganda and fake news, which increases the fear and misunderstanding in the population who often don’t know that it is under attack.

There is argument and debate regarding the definition of cyber warfare. There are differing views about what the term cyber war actually means, and some say that there have not been any cyber-attacks that can be described as warfare. 
However, the pace, frequency, and intensity of cyber-attacks are now greater than ever. As the physical realm inevitably merges with the cyber one, forming a new kind of infrastructure, cyber attacks on this infrastructure can have a catastrophic impact on our energy, waste, water, transportation, and telecommunications facilities. 

Most countries are completely under-prepared to protect their people and property against such attacks and it is predicted by Juniper Research that the cost of cyber crimes will exceed $5 trillion over the next five years.

Russia and China are developing cyber weapons to use in any future cyber conflict and the US, France, UK and Israel are just as active as nation states leading the way in these endeavors. The Stuxnet malware was one example of a cyber war attack which was a joint cyber venture between Israel and the USA to destroy Iran's nuclear programme capability. 

What Is Cyber War?

Cyber warfare refers to the use of digital attacks, like computer viruses and hacking, by one country to disrupt the vital computer systems of another, with the aim of creating damage, death and destruction. A shadowy world that is still filled with spies, hackers and top secret digital weapons projects, cyber warfare is an increasingly common, and dangerous, feature of international conflicts. 

Future wars will see hackers using computer code to attack an enemy's infrastructure, fighting alongside troops using conventional weapons like guns and missiles.

Right now the combination of an ongoing cyber warfare arms race and a lack of clear rules governing online conflict means there is a real risk that incidents could rapidly escalate out of control. The state of international relations is dominated by the Coronavirus epidemic, causing big problems for governments and organisations who find they now have to manage numerous  homeworking employees.

The cyber security issues have increased significantly as systems security is now under so much more pressure as employees often ignore their organisations cyber security requirements.

Security compliance is the central nervous system of an organisation’s cyber posture. It disseminates intelligence and coordinates offensive and defensive measures to protect the organisation from foreign intrusion. Using artificial intelligence, security professionals can peel away the complex layers of government and shed light on the underlying infrastructure and its vulnerabilities.

Just like normal warfare which can range from limited skirmishes to full-on battles, the impact of cyberwarfare will vary by target and severity. 

In many cases the computer systems are not the final target, they are being targeted because of their role in managing real-world infrastructure like airports or power grids. Knock out the computers and you can shut down the airport or the power station as a result. Cyber warfare takes place at a speed physical warfare is simply incapable of. It is fast, sudden, and uninhibited by the size of forces, complexity of the terrain, location, or the unity of alliances. Rather than relying on a human force, bad actors use automated minions to wreak havoc. 

The speed at which we detect, analyse, and respond to security incidents will affect who wins this war. Blockchain and AI can be used to accelerate the security process.

  • The blockchain’s shared distributed ledger can be used for storing security events and incidents to provide an immutable source of truth.  
  • AI can analyse that data to predict threats based on patterns and anomalies. Humans may be smarter but robots are faster. If supervised correctly, robots can evolve and execute tasks with less bias, fewer mistakes, and reduced downtime.

The greatest security threats to an organisation are the people who operate it. If security is too complex, people will either avoid or circumvent the process. 

In the future the most likely targets are military systems thereby preventing commanders from communicating with their troops or seeing where the enemy is therefore giving an advantage to the enemy. Education is key to promoting organisational cyber security hygiene. Organisations must build a culture of awareness to respond to any crisis, the organisations must constantly measure, assess, and improve the cyber security maturity model. This can be achieved by using AI to analyse the workforce and make strategic, targeting investments to elevate the workforce’s understanding of security.

AI can be used to identify clusters of people who follow security policies as well as those who take shortcuts. Training resources can then be used in a more efficient, targeted manner.

Most developed economies rely on computerised systems for everything from power to food and transport, many governments are very worried that rival states may target critical national infrastructure. Supervisory control and data acquisition (SCADA) systems, or industrial control systems, which run factories, power stations and other industrial processes, are a big target, as Stuxnet showed.

These systems can be decades old and were rarely designed with security as a priority, but are increasingly being connected to the internet to make them more efficient or easy to monitor. 

But this also makes these systems more vulnerable to attack, and security is rarely upgraded because the organisations operating them do not consider themselves to be a target. Recently Britain’s most senior cyber general Gen Sir Patrick Sanders, who heads the UK’s strategic command said the UK possesses the capacity to “degrade, disrupt and destroy” its enemies’ critical infrastructure in a future cyber conflict, in a rare acknowledgement of the military’s offensive hacking capability. 

As the cyber war arms race escalates, none of the suggested cyber-peace initiatives has gained much traction. Critics point out that cyber-attack motives are hard to define, a cyber espionage or reconnaissance intrusion can often look a lot like a cyberwar attack in progress, and determining the identities of the hackers responsible can often be even harder.

What the world needs now is an international treaty to monitor and restrain the possibilities for cyber earfare.

IT Pro:      Oodaloop:       ZDNet:     Wired:       Guardian:

You Might Also Read:

Cyber Warfare, Intelligence & Malware:

 

« Is Big Tech 'Fixing' The US Election?
Iranian Government Agencies Hacked »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Prolinx

Prolinx

Prolinx provide secure Data Centre hosting services and other fully managed security services for networks and information systems.

ISACA Conferences

ISACA Conferences

ISACA is dedicated to offering the most dynamic and inclusive conferences to keep you abreast of the latest advances in IT and Information Security.

Intezer Labs

Intezer Labs

The only solution replicating the concepts of the biological immune system into cyber-security. Intezer provides enterprises with unparalleled Threat Detection and accelerates Incident Response.

Entreda

Entreda

Entreda offers a unified platform to automate cybersecurity and compliance policy enforcement for your devices, users, networks, applications.

Cobalt Labs

Cobalt Labs

Pen Testing as a Service for Modern SaaS Businesses. Cobalt is redefining the modern pen test for companies who want serious hacker-like testing built into their development cycle.

Osirium

Osirium

The Osirium PxM Privileged Access Management platform addresses both security and compliance requirements by defining who gets access to what and when.

swIDCH

swIDCH

swIDch is a technology company that aims to eliminate CNP (card not present) Fraud.

AirEye

AirEye

AirEye is a leader in Network Airspace Protection (NAP). Block attacks against your corporate network launched from wireless devices in your corporate network airspace.

7layers

7layers

7layers has established itself as one of the world’s leading test house groups for mobile devices and the growing number of wireless devices, modules and chipsets.

Seraphic Security

Seraphic Security

Seraphic Security provides attack protection to enable safe browsing for employees or contractors, as well as advanced governance controls to enforce enterprise policies across devices.

Telesign

Telesign

Telesign connect, protect, and defend online experiences with sophisticated digital identity and programmable communications solutions.

DV Cyber Security

DV Cyber Security

DV Cyber (formerly A76) is an innovative cyber security company vertically focused on Threat Intelligence and Cyber Security Research.

ARGOS Cloud Security

ARGOS Cloud Security

ARGOS aims to simplify and strengthen cloud security, by creating a visual map of security vulnerabilities, to your priceless information stored in any cloud provider environment.

One Step Secure IT

One Step Secure IT

One Step provide Managed IT Services, Cybersecurity Protections, and Compliance to businesses in the USA nationwide.

Ethnos Cyber

Ethnos Cyber

Ethnos Cyber is Africa’s leading cybersecurity and compliance management company. We provide Information Security, Risk Management, Cybersecurity and Compliance Management solutions to clients.

E-CQURITY (ECQ)

E-CQURITY (ECQ)

ECQ is a network security company offering offensive security services and solutions focused on active offensive and defensive positioning.