COMMENT
Over the past few decades, the nature of warfare between nations has evolved substantially with the integration of offensive cyber tactics. At the end of 2023, the head of Israel’s cyber defense, Yigal Unna, expressed concern that Iran would increase the intensity of its cyberattacks against Israeli infrastructure and government agencies. This exemplifies the new reality we live in, where cyber warfare has become a critical domain alongside land, air and sea tactics in armed conflicts around the world.
The integration of offensive cyber operations alongside conventional military force represents a strategic shift toward what experts call “fifth generation” or “hybrid warfare.” The goal is to weaken the adversary by using the tools available to achieve political and military objectives. In addition to traditional personnel and weapons, modern hybrid warfare exploits elements such as armed propaganda, electoral interference and strategic cyber attacks on critical infrastructure.
Common forms of cyber warfare
A major type of cyber threat targets critical infrastructure such as power grids, water systems, transportation networks, financial systems and government systems. Successfully breaching them can allow adversaries to monitor or control the systems that keep companies running. For example, Iranian hackers briefly took control of a small dam in New York in 2013 after stealing usernames and passwords. If control systems or operational networks were compromised, adversaries could shut down essential services or send them into dangerous states. For example, in 2021, Israel was reportedly responsible for a cyber attack on a major nuclear facility in Iran, which caused a blackout and damage to the region’s electricity grid.
Aside from critical infrastructure, security gaps in everyday technologies can be exploited for strategic advantage during war. For example, reports suggest that poorly configured security cameras in Israel and Palestine are vulnerable to attacks from opponents or supporting hacktivists with basic skills. The risks of such access range from invasion of privacy through recording private spaces to manipulation of feeds for spying or inciting panic. Adversaries can also introduce wiper malware to permanently destroy or manipulate data and systems.
Another common tactic is the Distributed Denial of Service (DDoS) attack, which overloads sites and servers with traffic, causing them to crash. DDoS attacks can be conducted by botnets, networks of infected devices that flood targets in a coordinated manner. By blocking communications channels and government sites, DDoS attacks sow confusion and hinder response. The impacts were clear when DDoS attacks disabled major Ukrainian government sites after the Russian invasion in 2022. What can be even more dangerous, however, is when DDoS attacks are used to mislead IT and security teams while cybercriminals operate on compromised systems. In these cases, where cybercriminals go undercover during a DDoS attack, the consequences can have a double impact.
Finally, cyber espionage represents a significant threat, both through the theft of confidential documents and through influence on key figures. The 2020 SolarWinds hack allowed Russia to monitor email communications at the main US federal agencies. And control can be exercised by publicizing compromising information obtained through breaches.
Impacts of cyber warfare
At the tactical level, keeping command and communications systems offline hinders coordination between governments and military forces. Jammed signals or crashing networks prevent units from accessing central guidance, hinder information sharing between allies, and disrupt supply chains.
For civilians, attacks that disable power, water, transportation and other essential infrastructure directly threaten public health and safety. But aside from the real and direct physical impact that cyberattacks can have on people, such events can demoralize the public, sow panic and turn sentiment against wartime leadership already busy restoring services.
At a broader strategic level, infiltration of classified databases provides valuable information for shaping propaganda and psychological operations. The ability to disclose stolen data, whether truthful or manipulated, allows less conventionally powerful state and non-state forces to gain influence nationally and internationally.
Protection from cyber threats
To strengthen national defenses against the rising tide of cyber warfare, governments must give top priority to the security of critical infrastructure, while keeping an eye on other crucial elements of a resilient security strategy.
This includes governments monitoring their systems, updating software, isolating sensitive systems, and adopting rigorous cybersecurity standards across agencies. Robust threat intelligence sharing between security organizations and private sector partners is also critical.
Close coordination between government agencies, law enforcement, cyber commands, and private sector infrastructure operators enables collective defense against threats. Furthermore, all critical infrastructure operators must have comprehensive incident response plans for when sophisticated attacks inevitably occur.
Robust cybersecurity requires protecting not only critical infrastructure but also the people who access sensitive systems on a daily basis. Government and industrial personnel are a common target for phishing intrusions. Once inside less secure endpoints or accounts, hackers can escalate access across networks.
Good workforce hygiene and IT practices serve as a frontline defense. Comprehensive training for all staff is essential to cultivate awareness of issues such as multi-factor authentication and identifying deception attempts. Furthermore, the adoption and enforcement of open security standards such as DNSSEC, TLS and DMARC strengthens protection across communication channels and access points. The workforce is a safety chain that is only as strong as its weakest link. Recognizing staff as a path to penetration, ongoing training and culture building are key to resilience.
A new frontier that picks up pace
As cyber warfare becomes increasingly intertwined with conventional conflicts, its disruption of critical systems and infrastructure will have immense impacts for governments and civilians alike. As a result, strengthening national cyber resilience will require a unified effort among lawmakers, security agencies, and private partners.
In reality, an arms race is developing between those who exploit technology to strike at their adversaries and those who develop the technology, processes and policies to prevent their success. As artificial intelligence (AI) enters the conversation, not to mention future technologies like quantum computing, the pace of this race will only increase. All governments can do is continue to prepare themselves and their citizens for the reality of a new frontier that will become increasingly present in global conflicts.