Enemy Action - The Distinctive Features Of Cyber Warfare

Uploaded on 2021-02-03 in TECHNOLOGY--Hackers, INTELLIGENCE--International, GOVERNMENT-Defence, FREE TO VIEW

Cyber warfare currently refers to the use of digital attacks, like computer viruses and hacking to take enemy system down. Future wars will see hackers using computer code to attack an enemy's infrastructure, fighting alongside troops using conventional weapons like guns and missiles.

Cyber attacks on a global scale increasingly continue to threaten critical infrastructures, information networks, and digital control systems that fundamentally support our national security and improve our quality of life. Right now, for any government the ability to respond appropriately to a cyber attack in a timely and effective manner has never been more important. 

Unlike traditional military attacks, a cyber attack can be launched instantaneously from any distance, with little obvious evidence of any build-up, unlike a traditional military operation and these attack can often be extremely hard to trace back with any certainty to its perpetrators, making retaliation much harder. Cyber warfare can enable actors to achieve their political and strategic goals without the need for armed conflict. Cyberspace gives disproportionate power to small and otherwise relatively insignificant actors. 

Operating behind false IP addresses, foreign servers and aliases, attackers can act with almost complete anonymity and relative impunity, at least in the short term. 

In cyberspace the boundaries are blurred between the military and the civilian, and between the physical and the virtual; and power can be exerted by states or non-state actors, or by proxy. Cyberspace should be viewed as the ‘fifth battlespace’, alongside the more traditional arenas of land, air, sea and space.

Cyber warfare is best understood as a new but not entirely separate component of this multifaceted conflict environment. 

Warlike actions in cyberspace are more likely to occur in conjunction with other forms of coercion and confrontation. However, the ways and means of cyber warfare remain undeniably distinct from these other modes of conflict. 
However there are similarities between the sea and cyberspace which suggest using maritime warfare theory to help us to begin understanding cyber warfare. 

Maritime warfare, specifically sea control, sea denial, and disputed sea control provide a foundation for understanding cyber warfare. 

Content and code moving in cyberspace have similar characteristics to forces moving from the sea, a fluidity of movement, omni–directional avenues of approach, and the necessity to make ‘shore’ (move to where the human and machines are) in order to be useable. Additionally, the ability to control or deny access, dispute control, and prevent the force 
The intertwining of cyberspace and human activity in the twenty–first century means cyberspace is a linchpin of society's collective life.

It illustrates our dependence on cyberspace for resources, as the primary medium for the spread of information, and decision making. 

The need to appreciate the complexity of cyberspace in peace and war will only increase as authorities drive consumers, employees, and the general populace to cyberspace for communication, work, shopping, banking, entertainment, and war fighting. 

The same methodology can be applied to the discussion here by relating Corbett’s observations on the maritime domain to cyberspace:

  • The normal state of cyberspace is uncontrolled; in conflict control is normally in dispute. 
  • The goal is control of cyberspace; this implies that control from making ‘shore’ for limited amounts of time (the fluidity of control) all speak to injecting the likeness of cyberspace into maritime theory as a way to comprehend the complexities of cyber warfare. 

The challenges of cyber warfare and its complexities extended into the world of politics, questioning deeply embedded assumptions about the primacy of the state, the authority of government and the role of government agencies and the armed forces as providers of national security. Just as nations attempt to deter rivals from attacking in conventional weapons, so countries are developing the concept of cyber deterrence to help to prevent digital attacks from occurring in the first place, by making the cost of the attack too high for any potential assailant. 

One way of doing that is securing and hardening their own computer systems so that is becomes very hard, and very expensive, for any attacker to find weaknesses. Some argue cyber war will never take place; others argue cyber war is taking place right now. Beyond the famous example of Stuxnet pure cyber war operations will remain extremely rare, but already the concept has become absorbed into the broader set of military options that exist, just like other new technologies, such as submarines and aircraft, in the past.

It's possible that cyber weapons may also become a more common feature of low intensity skirmishes between nations because they are capable of causing confusion and chaos but not too much damage. But it's unlikely that a war would ever be fought purely with digital weapons because they are too expensive and hard to control and of limited impact. That doesn't mean cyber warfare is irrelevant, rather that some kind of cyber warfare capability will be part of almost every military engagement from now on.

President Bill Clinton referred to cyber warfare when in 2001 when he said, “today, our critical systems, from power structures to air traffic control, are connected and run by computers” and that someone can sit at the same computer, hack into a computer system, and potentially paralyse a company, a city, or a government.”

  • In the spring of 2007, an unprecedented series of so-called distributed denial of service, or DDoS, attacks struck websites across Estonia, taking down the country’s online banking, digital news media, government sites, and practically anything else that had a web presence. The attacks were a response to the Estonian government’s decision to move a Soviet-era statue out of a central location in the capital city of Tallinn, angering the country’s Russian-speaking minority and triggering protests on the city’s streets and the web.
  • The world’s conception of cyber war changed forever in 2010. It started when VirusBlokAda, a security firm in Belarus, found a mysterious piece of malware that crashed the computers running its antivirus software. By September of that year, the security research community had come to the shocking conclusion that the specimen of malware, Stuxnet, was in fact the most sophisticated piece of code ever engineered for a cyber attack, and that it was specifically designed to destroy the centrifuges used in Iran’s nuclear enrichment facilities.

Governments are becoming increasingly aware that we are now reliant on computer systems to run everything from financial services to transport networks, and that an attack against these systems could be just as damaging as traditional military campaign using troops armed with guns and missiles.

Paul N Cornish / AcademiaWired:       ITPro:      ResearchGate:       ZDNet:     Kings College London:   Image: Unsplash

You Might Also Read:

Cyber Warfare, Intelligence & Malware:

 

« Google Threatens To Leave Australia
Bezos Resigns As Amazon CEO »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

SiteGuarding

SiteGuarding

SiteGuarding provide website security tools and services to protect your website against malware and hacker exploits.

Forensic Control

Forensic Control

Forensic Control specialise in providing simple & straightforward Cyber Security to organisations, helping them assess, prevent and respond to cyber threats.

Tukan IT

Tukan IT

Tukan IT provides a data classification and protection solution.

Cybellum

Cybellum

Cybellum provides software risk assessment for DevOps and security executives, by detecting vulnerabilities automatically, without source code.

Remediant

Remediant

Remediant is the leader in Precision Privileged Access Management. We protect organizations from ransomware and data theft via stolen credentials and lateral movement.

London Office for Rapid Cybersecurity Advancement (LORCA)

London Office for Rapid Cybersecurity Advancement (LORCA)

LORCA's mission is to support the most promising cyber security innovators in growing solutions to meet the most pressing industry challenges and build the UK’s international cyber security profile.

SureVine

SureVine

Surevine builds secure, scalable collaboration solutions for the most security conscious organisations, enabling collaboration on their most sensitive information.

Randori

Randori

Randori is an attack platform that provides "red-teaming" as a service — basically, staging simulated hack attacks to test for vulnerabilities and gaps in the security response.

ShieldIOT

ShieldIOT

ShieldIOT delivers a complete AI-powered security solution across any IoT device, application and network.

CyberCareers.gov

CyberCareers.gov

CyberCareers.gov is a platform for Cybersecurity Job Seekers, Federal Hiring Managers and Supervisors, Current Federal Cybersecurity Employees, Students and Universities.

Symantec

Symantec

Symantec delivers data-centric hybrid security for the largest, most complex organizations in the world – on devices, in private data centers, and in the cloud.

Titans24

Titans24

Titans24 is a Software-as-a-Service security platform for web applications. It prevents attacks on business websites that are protected under 11 cyber-security layers.

Information Services Group (ISG)

Information Services Group (ISG)

As a leading global research and advisory firm, ISG partners with our clients to determine a future vision, lead rapid change and realize the value of your digital investments at scale.

Rimstorm

Rimstorm

Rimstorm’s mission is to significantly improve the security of your data using award-winning, state-of-the-art technology combined with cyber managed security services.

Persistent Systems

Persistent Systems

Persistent Systems are a trusted Digital Engineering and Enterprise Modernization partner, combining deep technical expertise and industry experience to help our clients.

ZoobeTek

ZoobeTek

ZoobeTek are a company focused on preventing leaks related to the security of business information3.