As the US launches a cyberattack against Iranian weapons systems and escalates their infiltration of the Russian power grid in the same month, it’s clear a new chapter of warfare is well and truly underway. Fueled by the same complex mix of diplomatic breakdowns, economic sanctions and historical grievances as regular conflicts, cyberwarfare is the new threat facing developing nations.
The crisis faced by every technologically advanced state is highlighted in the World Economic Forum’s Global Risks Report 2019 which ranked cyberattacks as the 5th global risk of our time. The US is certainly not alone in developing a cyberwarfare arsenal, as preemptive strikes, espionage and counter-attacks all require nations to develop cybersecurity defenses and demonstrate their clout.
Here, we know exactly what the digital battleground looks like, and the attempts nations can take to develop defenses against the latest cyberwarfare threats.
The cyberwarfare battlegrounds of 2019
To get a handle on the scale of the problem, our infographic below shows just how frequent politically motivated state sponsored attacks have become.
Whilst the targets are only limited to the creativity of the attacks, it seems the trend is pointing towards two main sectors:
Destabilizing economies
Attacks on critical infrastructure have the potential to cripple nations, either by destabilizing key economic contributors, stealing valuable data or by disrupting core national services, such as public access to power or healthcare. By doing so without having to set foot on the ground, the cost of warfare is drastically reduced, making it very likely this will be a tactic of choice in the years ahead.
Manipulating propaganda
Another method we have seen unfold is the use of technology to attempt the influence of votes, public opinion or trust in Governments through media manipulation and false websites. As alarmingly realistic deep-fakes of key political figures seep into major online platforms, the possibility that such manipulations will become too sophisticated for the public to detect becomes very real. With the US 2020 election campaigns gaining pace, a new wave of manipulated propaganda could be on the horizon.
The cyberwarfare arsenal
Across cybersecurity there are always new protection technologies and malicious tools being developed, meaning the best attack-defense strategies are never static.
However, artificial intelligence and machine learning techniques are likely to take a bigger role.
With the ability to process large volumes of data and self-train to mimic behaviors and patterns, artificial intelligence and machine learning techniques are already being used to breach the common lines of defence in place and increase the volume of attacks hackers can perform. We’ve already seen algorithms ability to fool CAPTCHA systems, masquerade logins attempts to come from different browsers and scan for patch vulnerabilities on systems. But what if AI was trained against AI? Natural language processing, automatic detection, biometric logins and processing unstructured data are some of the best ways to match the speed and ferocity of cyberattackers employing AI. For example, researchers have developed a new method to fool classic AI image recognition software, providing a vital defence strategy against algorithms trying to attempt a breach. With this technology still in its infancy in many ways, this could open a whole new chapter of digital warfare as both sides develop smarter techniques.
Deception technologies play an important defensive strategy. By setting an irresistible honeypot, attackers are fooled into thinking they have gained access to the real system or target. Once tricked, the methods and tactics of the attackers can be safely monitored to gain critical intelligence and identify where defence systems needed to be ramped up.
Controllers of the battleground
Even the most sophisticated attack and defense methods are only part of the picture. Although the move to cyber warfare is clear, the human element is still inherent, and necessary for any plan, deployment of strategy or counter. This means ‘People, Process and Technology’ are the three crucial components for any cyberwarfare defense strategy.
National mandates, top-level policies and secure frameworks set by the Government are essential to protection efforts. By educating and implementing organizations on the correct preventative technologies and instilling robust best-practice training across all critical infrastructure, the risk of malicious attacks can be limited.
In this picture, the right people are required to implement and manage technologies to prevent and respond to attacks – meaning the role of cybersecurity experts is never more important.
Robust cyber defenses of the future
While the diplomatic resolution of conflicts should always be the first option, the threat of cyberwarfare can’t be ignored. The next chapters are going to be inextricably linked to political tensions and global economics and we may see emerging economies begin to join the fray as their technologies develop. However strong current cyber practices are – the battleground is constantly shifting.
State controllers must not rest on their laurels. The possibilities will be tied to general advances in technology, as every new integration at state-level, such as the adoption of drones, presents an opportunity. Investments in automatic detection and response technologies provide a crucial defense barrier in reducing the collateral damage of a high-risk attack.