The evolution of technology brings significant changes and great advantages. However, it also brings great cyber threats.
The possibility of cyberwar looms large in the future—a new form of combat—capable of leapfrogging boundaries and teleporting war's mayhem to humans thousands of miles away.
In this article, we explain what cyberwar is, explore the many types of cyberwar, and show you how to defend yourself against them. You can also read about the basics of defending your company in a time of war.
What Are the Goals of a Cyberwar?
Cyberwar is a type of warfare that uses computer networks and technology to attack another country. The primary goal of cyberwar is to disrupt, damage, degrade, and, if possible, destroy the purported enemy's information technology infrastructure.
The goals of cyberwar can be split into two categories:
- Disrupting, damaging, or destroying a country's computer networks and infrastructure. This goal is usually achieved by carrying out digital attacks that disable critical systems or render them unusable. This can include targeted cyberwar attacks on power grids, financial systems, transportation networks, and communication networks.
- Stealing sensitive information or causing economic damage. The goal is achieved by stealing data or money or causing economic damage through the destruction of property or the loss of business.
After covering the basics of cyberwar, it’s time to focus on different types of cyberattacks and how they are carried out.
Types of Cyberwarfare Attacks
There are many different cyberwarfare attacks, but they can be broadly classified into the following categories.
Espionage
Espionage refers to gathering intelligence about another country or organization without their knowledge or permission. Cyberespionage is most frequently used to steal sensitive information such as military plans, economic data, and trade secrets.
Cyberespionage can be carried out by planting malware on a target's computer networks or using phishing and social engineering strategies to trick people into revealing sensitive information.
Sabotage
Sabotage is deliberately damaging or destroying property to cause economic loss or disruption.
In cyberwar, sabotage can be used to disable critical infrastructures such as power grids, financial systems, transportation, or military networks. Sabotage can also be used to destroy data or property, such as by unleashing a ransomware attack on a company's computer network.
Denial of Service
A denial of service (DoS) attack attempts to make a computer or network resource unavailable to its intended users.
In the context of cyberwar, a DoS attack can be used to disable a country's communication networks or take down a website. DoS attacks are usually accomplished by flooding the target with requests until it is overwhelmed and can no longer respond to legitimate requests.
A distributed denial of service (DDoS) attack occurs when several systems launch DoS attacks on a single system. These cyberattacks can be challenging to defend against.
Electrical Power Grid Attacks
An electrical power grid attack is a cyberwarfare attack that aims to disable a country's power grid.
Power grid attacks can be carried out physically, by damaging power lines or generators. They can also be carried out digitally, by hacking into the computer systems that control the power grid and causing them to malfunction.
The effects of a power grid attack can be devastating, as it can cause widespread blackouts, economic damage, and even loss of life.
Propaganda
Propaganda is the dissemination of information, usually false or misleading, to promote a political agenda.
Propaganda attacks aim to influence the minds and hearts of those who live in or fight for the target country. Propaganda can be used to reveal embarrassing truths or propagate lies that cause citizens to lose trust in their country—or even empathize with the enemy.
In cyberwar, propaganda can be used to spread false information and disinformation to damage an enemy's reputation or sow discord among its citizens.
Cyber propaganda can be disseminated through social media, news websites, and even malicious email campaigns.
Economic Disruption
Economic disruption is a cyberwarfare attack that aims to damage an enemy's economy.
Economic disruption can be caused by sabotaging critical infrastructures, such as power grids and financial systems. It can also be caused by stealing trade secrets or economic data, or by destroying property.
The effects of economic disruption can be catastrophic, as it can cause widespread financial loss, job loss, and increased poverty.
Now that you're familiar with cyberwar and cyberattacks, let's examine a few real-life examples of cyberwarfare attacks.
Examples of Cyberwarfare Attacks
In this section, we cover examples of cyberwarfare attacks that took place previously.
Stuxnet
Arguably one of the most famous cyberattacks in history, Stuxnet is computer malware that targets supervisory control and data acquisition (SCADA) systems. It is suspected of causing significant harm to Iran's nuclear program.
The Stuxnet worm first appeared in 2010, and it is believed to have been created by the United States and Israel. However, neither government has publicly accepted responsibility.
In response, Iran formed a squad to battle the infection. An official added that the virus was quickly spreading in Iran, with more than 30,000 IP addresses infected, and that the problem had been worsened by Stuxnet's capacity to mutate.
Iran built up its own infection-cleaning systems, and Stuxnet was successfully neutralized and removed from the country's machinery by Iranian engineers.
While the Stuxnet virus did not cause any direct loss of life, it was a highly sophisticated and well-coordinated cyberattack that caused billions of dollars in damages.
Sony Pictures Hack
In November 2014, a hacker group calling themselves "Guardians of Peace" released confidential material from the film studio Sony Pictures. The data included a trove of sensitive information, including employee social security numbers, email exchanges between executives, and upcoming movie scripts.
The hackers also released several embarrassing emails, which caused significant damage to Sony Pictures' reputation.
During the breach, the group demanded that Sony pull the upcoming comedy The Interview, a movie about a conspiracy to assassinate Kim Jong-un, the North Korean leader. The hackers threatened terrorist strikes on theaters showing the picture.
Many major U.S. theater chains decided not to exhibit The Interview in reaction to these threats. As a result, Sony decided to cancel the film's formal premiere and mainstream distribution.
The U.S. government later attributed the hack to North Korea, though the hermit kingdom has denied any involvement.
While the Sony Pictures hack did not cause any physical damage, it was a major breach of privacy that caused significant financial losses and damage to the company's reputation.
Bronze Soldier Cyberattacks
In April 2007, riots broke out in the Estonian capital of Tallinn after the government decided to relocate a Soviet-era monument known as the Bronze Soldier of Tallinn. Many ethnic Russians saw the statue as a symbol of their suffering during World War II.
The riots were incited by a series of cyberattacks that crippled the Estonian government and the country's critical infrastructure, including its parliament, banks, media outlets, and government agencies. The attacks were carried out by botnets of infected computers, which were used to launch distributed denial-of-service (DDoS) attacks.
One ethnic Russian-Estonian national, Konstantin Goloskokov, had been accused and convicted as of January 2008.
The Bronze Soldier cyberattacks caused widespread disruption and damage to Estonia's critical infrastructure but no loss of life.
Enemies of Qatar
In 2018, Elliott Broidy, a Republican fundraiser from the United States, sued the Qatari government, accusing it of obtaining and leaking his emails to discredit him. According to reports, the Qataris considered him a roadblock to boosting their image in Washington.
According to the lawsuit, the Qatari Emir's brother and others in Qatari leadership were accused of orchestrating a cyberwarfare effort. The same terrorists targeted 1,200 persons, many known "enemies of Qatar," including high-ranking officials from Egypt, Saudi Arabia, the United Arab Emirates, and Bahrain.
Russia's Cyberattacks in Ukraine
In addition to these instances, Ukraine is known as a country frequently exposed to cyberattacks by Russia. Here are the three best-known examples:
Fancy Bear (2014-2016)
In June 2016, CrowdStrike discovered and ascribed a series of targeted breaches at the Democratic National Committee (DNC) and other political groups that used a well-known implant known as X-Agent.
X-Agent is a cross-platform remote access toolkit linked to an actor called FANCY BEAR. This actor has been the sole operator of the virus to date and has continued to develop the platform for ongoing operations. CrowdStrike believes FANCY BEAR is linked to Russian Military Intelligence (GRU). The FANCY BEAR X-Agent implant was circulated covertly on Ukrainian military forums in a legitimate Android application from late 2014 to early 2016.
According to open-source data, Ukrainian artillery units have lost over half of their guns in the two years of conflict and over 80% of D-30 howitzers, the highest rate of loss of any artillery piece in Ukraine’s arsenal.
This Russian hacker group is also believed to be responsible for several other high-profile cyberattacks, including the 2015 hack of the German parliament and the 2016 hack of the World Anti-Doping Agency (WADA).
Blackouts in Ukraine (2015)
In December 2015, Ukrainians experienced a series of power blackouts that lasted for several hours. The outage was caused by a cyberattack that targeted Ukraine's power grid. The hackers had successfully cut off the electricity to many Ukrainians in Kyiv and other places.
They used a custom-built piece of malicious software called Crash Override, designed to automatically launch a power-killing process by delivering quick commands to circuit breakers in a victim’s utility.
This was the first cyberattack causing a power outage.
The attack was widely attributed to Russia, but the Kremlin has denied any involvement.
NotPetya (2017)
NotPetya is a ransomware virus that was first discovered in June 2017. The virus quickly spread across Ukraine and then to other countries, including the United Kingdom and the United States.
NotPetya was initially disguised as a piece of software called Petya, which is used to encrypt files on a victim's computer. Once installed, the virus would then spread to other computers on the same network.
The virus was different from other ransomware in that it was designed to destroy data permanently rather than just encrypt it. This made it much more destructive and caused billions of dollars in damages.
NotPetya is believed to have been created by the Russian military intelligence agency (GRU).
With all these cyberattacks, one question arises: Is it possible to defend yourself? The great news is that everyone can take measures to protect themselves in the long run!
How to Combat Cyberwarfare
The best way to defend against cyberwarfare is to be proactive and educate yourself on the topic. Here are a few things that can be done on a national level.
- Conducting risk assessments with cyberwar games. Conducting a real-life exercise or simulation, often known as a cyberwar game, is the best approach to test a nation's readiness for cyberwarfare.
- The importance of a layered defense. Many governments have adopted operational national security strategies to protect their information infrastructure in the face of cyberwarfare.
- Securing the private sector. The resilience of local companies to cyberattacks is a key issue in cyberwarfare.
In addition, here's how you can protect yourself from cyberattacks.
Protection Against Cyberwarfare
The following are a few steps you can take to protect yourself from cyberattacks:
- Use strong passwords and make a unique password for each account
- Use unique usernames where possible
- Use multi-factor authentication
- Avoid using public Wi-Fi
- Use a VPN to secure your connection
- Use antivirus software and update it regularly
- Never leave your devices unattended in public spaces
You may also ask whether there’s a ready-made solution to protect yourself from cyberwar. Let’s see.
How Can Geniusee Help Your Company with Protection?
At Geniusee, we believe everyone has the right to be protected against cyberattacks. We're devoted to developing products and services to protect you against cyberwar and providing consultancy and support for various clients and partners on this incredibly important matter.
Our first step is to conduct a security check to make sure your company is equipped with the right cyber defense tools and policies. Then, we advise all our clients to have their business partners conduct the same checks.
In addition to developing products that will help protect your company from external intruders, Geniusee can assemble dedicated teams for your cyber defense project that will conduct periodic vulnerability and threat assessments to ensure the ultimate protection.
Cyberwarfare is a real and growing threat. It's important to be proactive and educate yourself and others on how to defend your company in case of war. Many things can be done on a national and individual level to combat this threat.
While cyberwarfare is mostly a part of a military endeavor usually led at a national level, civilians play a significant role in it. Individuals can help the state's overall security by improving their overall cybersecurity.
Need help with services and products against cyberwar? Ask the Geniusee professionals.