December 2020: the Treasury Department, along with other agencies extending throughout federal, state, and local government, discovered a breach of dozens of email accounts.  The attack was blamed on Russia.

August 2020: the Canadian government shut down most of its online portals following a cyberattack that attempted to access accounts of at least 24 government systems.  The government has yet to comment on the source of the attack.

February 2019: Australia reported a hack attempt on its parliament’s computer network.  Local cybersecurity experts believed the attack was launched by a “sophisticated state actor.”

April 2016: in the run-up to the American presidential elections, a server hack of the Democratic National Committee resulted in a massive theft of emails.  The perpetrator?  Allegedly, Russia.

There are countless examples of cyberattacks targeting government agencies all over the world.  Cyberwarfare is as prevalent as it is damaging.  Its targets are also not limited to government agencies.  50% of technology executives view state-sponsored cyberwarfare as the biggest threat.

What is ‘cyberwarfare’ and who are the targets?

Cyberwarfare is the use of digital attacks by states to damage other state’s digital infrastructure or steal its information.

Stuxnet is often seen as a seminal cyberwarfare event.  A malicious computer program, discovered in 2010 but believed to have been in development since 2005, targeted supervisory control and data acquisition systems and caused significant damage to the nuclear program of Iran.  It is believed that this computer warm, which exploited Windows zero-day vulnerabilities, was developed jointly by the United States and Israel, though neither country has assumed responsibility.

According to a report by Verizon, in 2019, 69% of data breaches were committed by outsiders, 23% of which were identified as “nation-states.”  Privacy Affairs reports a 440% increase in global cyberwarfare attacks between 2009 and 2018.  26.3% of such attacks target the US.

Attackers targeting the US

Source: Privacy Affairs

No one is immune from getting targeted in cyberwarfare – not on an organizational or individual level.  Government agencies, tech companies, consumer brands, healthcare organizations, banks and other financial institutions, and regular individuals – cyberwarfare concerns everyone.

Local governments, for the most part, are not sufficiently equipped to handle such attacks.  53.5% do not even keep track of attempted attacks.  58.4% do not know who is attacking them.  It, therefore, comes as no surprise that local municipal governments have become the preferred target of ransomware attacks.  The number of payouts, sadly, is also on the rise.

What are the types of cyberwarfare and attacks?

Hackers certainly do not lack creativity or patience.  That’s why it often takes months to detect a breach.

The end goal of cyberwarfare attacks can be split into the following three categories:

• Espionage: stealing private or confidential information
• Sabotage: disrupting existing networks and systems
• Propaganda: disseminating false information

The methods used to execute these attacks depend on the end goal.  For example, man-in-the-middle, phishing, denial-of-service, DNS spoofing, and malware types of attacks are often used for espionage and sabotage purposes. (note: there are already articles on MITM and phishing. Make sure to hyperlink them here)  Social media platforms have become a fertile ground for the dissemination of misinformation and, as such, are the weapon of choice for propaganda-aimed attacks.

How can you protect your organization, employees, and constituents?

There is no such thing as being “too vigilant” when it comes to cybersecurity.  Hackers are looking for the smallest window of opportunity, so, what may seem like an insignificant oversight, can lead to irrevocable damages.  Therefore, ensure that your system has multiple levels of security and strong protocols in place.

1. Educate your staff on social engineering attacks and the methods to prevent them. (hyperlink ‘social engineering’ to the earlier article)
2. Empower your staff to employ responsible digital habits with regular  Security Awareness Training.
3. Constantly monitor the health of your network with monitoring solutions.
4. Invest in a powerful anti-malware software solution and keep it up to date.
5. Implement multi-factor authentication wherever possible.
6. Encrypt your data and communication. (hyperlink to the encryption article)
7. Develop and implement a strict protocol on the hierarchy of data access by your employees.  Zero-trust is best.
8. Design breach protocols that will allow you to respond to attacks swiftly, minimizing their damage to your organization, and your constituents’ and employees’ data.

Future of cyberwarfare

The cyberwarfare market was valued at $39.30 billion in 2020.  By 2026, it is expected to grow by more than 200%, reaching $122.87 billion.  Clearly, the threat of cyberwarfare is not only here to stay but will boom in the coming years.

In 2011, the US government published its strategy on cyberwarfare, which reserved the right of the government to use military force in response to a cyberattack.  The Defense Science Board, an advisory committee to the Secretary of Defense, went even further, stating that in extreme cases, “nuclear weapons would remain the ultimate response and anchor the deterrence ladder.”

Suffice to say, the governments around the world are fully aware of both the scale of the damage cyberwarfare has the potential to inflict and the fact that such attacks will only grow in numbers.  However, at this point, there is no overarching global agreement, governing the space of cyberwar.  The main international agreements relevant to this field are the 2001 Convention on Cybercrime and the Shanghai Cooperation Organization’s International Information Security Agreement of 2009.

While the US government is continuously working on building up its capabilities and regulatory frameworks to meet the challenge, experts warn that the country is “woefully unprepared.”  This places responsibility on individual institutions, who need to be vigilant about potential threats and actively engage the federal government for assistance.