Are we ready for cyber war?
Where do businesses' responsibilities lie when it comes to protecting the national interest?
The history of the world has been blighted by wars so bloody and brutal its memories linger on for generations, but the way it's fought today is looking increasingly different. Although physical conflicts still take place and battlefields are still very much a thing, near acts of war now more commonly occur online.
This is being enabled by a rapid advancement in technology, which is not only creating better security systems but is also facilitating cyber attacks that are far more sophisticated than have been previously possible. Rather than deploying troops on the ground, or sending fleets of warships and ordering air strikes, governments can now do serious damage with a laptop and Wi-Fi connection.
Over the last few years, countries have disabled enemy security systems, halted public services, infected IT infrastructure with malware and even meddled in elections. Both the power of computers and reach of the internet, coupled with innovative thinking, has transformed the way in which nations fight.
Just as you may have listened to tales of the Second World War from your grandparent, you might be telling your own grandchildren about cyber wars in the not-so-distant future. With more and more AI and autonomous weapons being produced, the fallout from a cyber attack is likely to be far more catastrophic than files leaking to the dark web.
Rise of the cyber war
State-backed cyber attacks are becoming far more common, and countries are struggling to cope. There have been notable cyber attacks involving states over the last few years. In 2007, Estonia suffered a distributed denial of service (DDoS) attack that brought down crucial government servers and other national infrastructure.
While a Moldovan student living in Tallinn ultimately admitted being behind the attack, the command and control servers used to carry it out were traced back to Russia, raising suspicions there were additional attackers operating from there. The fact that the country could have stepped in once this was discovered in order to end the attack, but chose not to and has refused to aid any criminal investigation by Estonia has led researchers to believe that, at the very least, the attackers were operating in Russian National interests, if not at the direct behest of the state.
More recently, the United States accused Russia of tampering in the presidential election that saw Donald Trump elected. According to the US, Russian state-sponsored hackers launched a cyber attack on multiple Democratic Party organisations, supposedly with the aim of aiding Trump's campaign. A spokesman for Russian president Vladimir Putin, however, dismissed these accusations as "rubbish".
North Korea has also been accused of a string of cyber attacks in the past. In 2015, the country allegedly launched an attack against Sony Pictures Entertainment, resulting in personal information about employees and their families being leaked. Much like Russia's reaction to the 2007 Estonia attack, North Korea's official news agency dismissed the claims as "wild rumours" but also said the attack "might be a righteous deed of the supporters and sympathisers with the DPRK in response to its appeal".
When a cyber attack takes place and is targeted at a specific country, its government is almost certainly going to want to pin the crime on an enemy. That's how war has always worked. But it turns out that linking hackers to governments isn't an easy task, and this is why cyber warfare is such an effective weapon: often, those responsible can mount successful attacks without facing any consequences.
Kirsten Williams, a political risk analyst at Allan & Associates, has undertaken research into major cyber spats involving countries such as Russia. "It is almost impossible to prove that hackers are linked to governments which is part of what makes cyber attacks such a valuable weapon," she tells IT Pro.
"Because international bodies like the UN and Nato have been slow to recognise the potential of cyber attacks as weapons of war, state-funded hackers can exploit this anonymity without attracting condemnation from the international community in the way that traditional warfare tends to.
She explains how Russia, in particular, has been accused of state-sponsored hacks against several countries in the past. "There is certainly a clear trend of hackers targeting political parties or institutions hostile to Russia, as well as critical infrastructure like electricity and communications," says Williams.
"If Russia is behind such attacks, it fits into President Vladimir Putin's attempts to make the country a more dominant force, and it works on two levels: as we saw in the US elections, data leaks and other cyber attacks can be extremely influential on political processes and these hacks which are generally incredibly complex also demonstrate high technological capability, which is useful for deterring potential aggressors towards Russia. Mastering cyberspace is a game-changing tactic in today's hybrid wars."
Government attention needed
Many experts believe that cyber warfare will continue to grow over the next few years while at the same time becoming more complex. Because of this, there are calls for governments to do more when it comes to cyber security. They ought to invest in the right strategies to stay ahead of the curve.
Mark Hughes, CEO of BT Security, agrees that national security is the responsibility of governments but says there isn't a certain amount of money that will automatically eradicate these challenges. He also believes that businesses and public bodies should work with governments on this mission as well.
"The first responsibility of government is of course to protect the country and its citizens. Cyber crime is a rapidly expanding market which requires little resource and risk on the part of criminals to enter. Therefore, governments need to continue to invest, but there is no 'magic number' that will make the problem go away," he says.
"Businesses and public bodies also need to take responsibility for their own security and so do consumers; in the same way that consumers invest in locks and alarms for their physical property, they need to do the same for their growing digital assets. The issue of cyber security and raising awareness of the potential impact and damage that cyber-crime can inflict on our lives has never been so critical."
Andrew Bushby, UK director of Fidelis Cybersecurity, says one of the biggest dangers of cyber war is that it isn't always caused by an army of hackers. Individuals can also have the means to attack an entire country or government.
"Unlike in traditional warfare, in cyber warfare, the size of the force doesn't necessarily dictate success or failure. Just one hacker could take down an entire nation state using a cyber attack. Targets in traditional warfare have focused on those with government or military significance, as well as threats to infrastructure and financial stability," he says.
"In cyber war, however, the target can be much broader. National interest is defended in state cyber espionage, and there have been attempts to steal IPR. The DNC attack also showcased political motivation for cyber attacks.
"While organisations tend not to recognise the threat of cyber war as much as they do being specifically targeted, this is a very real attack vector and industries from pharmaceutical to oil and gas, universities to medical centres have and will be targeted."
Bushby suggests these attacks could become more dangerous over the coming years. With this in mind, he says government organisations need to begin creating rules and strategies on how to engage in cyber wars.
"There is nothing to say that future cyber attacks won't be aggressive. Nation states or terrorist groups could attack water sanitation, utility grids, traffic control systems to name a few, and these would have disastrous consequences," he tells IT Pro.
"The fact of the matter is that there are no rules of engagement in cyber war, unlike the treaties and alliances that exist in the physical world, that said. It's clear that most threat actors ignore rules in any case. The nation state may not be ready to defend us against every type of possible attack all the time, but more is being done to build these defences."
Traditional methods of wars may never become completely obsolete, but it couldn't be clearer that there are more dangerous threats. Hackers have the ability to take down whole countries, meaning it's crucial that governments take action now to ensure they can protect their people and assets in the future.
Security analytics for your multi-cloud deployments
IBM Security QRadar SIEM solution briefDownload now
Five reasons to move to the cloud
Join the enterprises moving their workloads to the cloudDownload now
Architecting hybrid IT and edge for digital advantage
Why business leaders should consider a hybrid IT strategyDownload now
Six reasons to accelerate remote asset monitoring with AI
How to optimise resources, increase productivity, and grow profit margins with AIDownload now