Enemy Action - The Distinctive Features Of Cyber Warfare

Cyber warfare currently refers to the use of digital attacks, like computer viruses and hacking to take enemy system down. Future wars will see hackers using computer code to attack an enemy's infrastructure, fighting alongside troops using conventional weapons like guns and missiles.

Cyber attacks on a global scale increasingly continue to threaten critical infrastructures, information networks, and digital control systems that fundamentally support our national security and improve our quality of life. Right now, for any government the ability to respond appropriately to a cyber attack in a timely and effective manner has never been more important. 

Unlike traditional military attacks, a cyber attack can be launched instantaneously from any distance, with little obvious evidence of any build-up, unlike a traditional military operation and these attack can often be extremely hard to trace back with any certainty to its perpetrators, making retaliation much harder. Cyber warfare can enable actors to achieve their political and strategic goals without the need for armed conflict. Cyberspace gives disproportionate power to small and otherwise relatively insignificant actors. 

Operating behind false IP addresses, foreign servers and aliases, attackers can act with almost complete anonymity and relative impunity, at least in the short term. 

In cyberspace the boundaries are blurred between the military and the civilian, and between the physical and the virtual; and power can be exerted by states or non-state actors, or by proxy. Cyberspace should be viewed as the ‘fifth battlespace’, alongside the more traditional arenas of land, air, sea and space.

Cyber warfare is best understood as a new but not entirely separate component of this multifaceted conflict environment. 

Warlike actions in cyberspace are more likely to occur in conjunction with other forms of coercion and confrontation. However, the ways and means of cyber warfare remain undeniably distinct from these other modes of conflict. 
However there are similarities between the sea and cyberspace which suggest using maritime warfare theory to help us to begin understanding cyber warfare. 

Maritime warfare, specifically sea control, sea denial, and disputed sea control provide a foundation for understanding cyber warfare. 

Content and code moving in cyberspace have similar characteristics to forces moving from the sea, a fluidity of movement, omni–directional avenues of approach, and the necessity to make ‘shore’ (move to where the human and machines are) in order to be useable. Additionally, the ability to control or deny access, dispute control, and prevent the force 
The intertwining of cyberspace and human activity in the twenty–first century means cyberspace is a linchpin of society's collective life.

It illustrates our dependence on cyberspace for resources, as the primary medium for the spread of information, and decision making. 

The need to appreciate the complexity of cyberspace in peace and war will only increase as authorities drive consumers, employees, and the general populace to cyberspace for communication, work, shopping, banking, entertainment, and war fighting. 

The same methodology can be applied to the discussion here by relating Corbett’s observations on the maritime domain to cyberspace:

  • The normal state of cyberspace is uncontrolled; in conflict control is normally in dispute. 
  • The goal is control of cyberspace; this implies that control from making ‘shore’ for limited amounts of time (the fluidity of control) all speak to injecting the likeness of cyberspace into maritime theory as a way to comprehend the complexities of cyber warfare. 

The challenges of cyber warfare and its complexities extended into the world of politics, questioning deeply embedded assumptions about the primacy of the state, the authority of government and the role of government agencies and the armed forces as providers of national security. Just as nations attempt to deter rivals from attacking in conventional weapons, so countries are developing the concept of cyber deterrence to help to prevent digital attacks from occurring in the first place, by making the cost of the attack too high for any potential assailant. 

One way of doing that is securing and hardening their own computer systems so that is becomes very hard, and very expensive, for any attacker to find weaknesses. Some argue cyber war will never take place; others argue cyber war is taking place right now. Beyond the famous example of Stuxnet pure cyber war operations will remain extremely rare, but already the concept has become absorbed into the broader set of military options that exist, just like other new technologies, such as submarines and aircraft, in the past.

It's possible that cyber weapons may also become a more common feature of low intensity skirmishes between nations because they are capable of causing confusion and chaos but not too much damage. But it's unlikely that a war would ever be fought purely with digital weapons because they are too expensive and hard to control and of limited impact. That doesn't mean cyber warfare is irrelevant, rather that some kind of cyber warfare capability will be part of almost every military engagement from now on.

President Bill Clinton referred to cyber warfare when in 2001 when he said, “today, our critical systems, from power structures to air traffic control, are connected and run by computers” and that someone can sit at the same computer, hack into a computer system, and potentially paralyse a company, a city, or a government.”

  • In the spring of 2007, an unprecedented series of so-called distributed denial of service, or DDoS, attacks struck websites across Estonia, taking down the country’s online banking, digital news media, government sites, and practically anything else that had a web presence. The attacks were a response to the Estonian government’s decision to move a Soviet-era statue out of a central location in the capital city of Tallinn, angering the country’s Russian-speaking minority and triggering protests on the city’s streets and the web.
  • The world’s conception of cyber war changed forever in 2010. It started when VirusBlokAda, a security firm in Belarus, found a mysterious piece of malware that crashed the computers running its antivirus software. By September of that year, the security research community had come to the shocking conclusion that the specimen of malware, Stuxnet, was in fact the most sophisticated piece of code ever engineered for a cyber attack, and that it was specifically designed to destroy the centrifuges used in Iran’s nuclear enrichment facilities.

Governments are becoming increasingly aware that we are now reliant on computer systems to run everything from financial services to transport networks, and that an attack against these systems could be just as damaging as traditional military campaign using troops armed with guns and missiles.

Paul N Cornish / AcademiaWired:       ITPro:      ResearchGate:       ZDNet:     Kings College London:   Image: Unsplash

You Might Also Read:

Cyber Warfare, Intelligence & Malware:

 

« Google Threatens To Leave Australia
Bezos Resigns As Amazon CEO »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

SharkGate

SharkGate

SharGate provide a cloud-based website security solution to protect websites from being hacked.

Seclab

Seclab

Seclab is an innovative player in the protection of industrial systems and critical infrastructure against sophisticated cyber attacks.

Cybernetica

Cybernetica

Cybernetica is an ICT company with activities in e-government, marine comms, data analysis and research in information security technologies.

Payatu

Payatu

Payatu Technologies is a security testing and services company specialized in Software, Application and Infrastructure security assessments and deep technical security training.

STM

STM

STM provides system engineering, technical support, project management, technology transfer and logistics support services for the Turkish Armed Forces.

SevenShift

SevenShift

SevenShift is a security consulting firm with a wealth of experience in the worlds of Cybersecurity and Internet of Things (IoT).

Learn How To Become

Learn How To Become

At LearnHowToBecome.org, our mission is to help any job-seeker understand what it takes to build and develop a career. We cover many specialist areas including cybersecurity.

CyberMDX

CyberMDX

CyberMDX delivers proactive security built for hospital devices. 360° visibility, insight, and protection for all connected hospital technologies.

SecZetta

SecZetta

SecZetta provides third-party identity risk solutions that are easy to use, and purpose built to help organizations execute risk-based identity access and lifecycle strategies.

e-Careers

e-Careers

e-Careers is an edtech institution that provides industry recognised courses and up-skilling solutions to individuals and organisations.

SuperCom

SuperCom

SuperCom are a global secure solutions integrator and technology provider for governments and other consumers facing organizations around the world.

Enzen

Enzen

Enzen is a global knowledge practice that provides consulting, technology, engineering, operating and innovation services to the energy and utility sectors.

Immunefi

Immunefi

Immunefi provides bug bounty hosting, consultation, and program management services to blockchain and smart contract projects.

Globesecure Technologies

Globesecure Technologies

Globesecure Technologies is a networks and cyber security company. We are here to resolve business security challenges and secure the digital transformation journey of our clients.

NetScout Systems

NetScout Systems

NetScout assures digital business services against disruptions in availability, performance, and security.

Hilltop Technologies

Hilltop Technologies

Hilltop Technologies is a cybersecurity company specialized in managed security services and consulting tailored for all sectors from higher education to publicly traded companies.

New Relic

New Relic

After inventing application performance monitoring (APM), New Relic stands at the forefront of observability with the most advanced platform for eliminating digital interruptions.