The prospect of geopolitical tensions leading to large-scale cyberattacks is a very real one. Nor would it be a new development – nation-states have been using cyberattacks as a warfare technique for more than a decade now. Perhaps the greatest example of this is Stuxnet, a malicious computer worm that wreaked enormous havoc on Iran’s nuclear program in 2010 and is largely thought to be a creation of Israel and the United States.
In a comprehensive report published in 2019, the Department of Homeland Security, United States, succinctly described the threat faced by the world from cyberattacks due to geopolitical tensions:
“The increasing ability to buy cyber tools on a commercial basis allows both nation-state and non-state actors to leapfrog by crossing the line from emerging threat to an established threat quickly; thus, leapfrogging is seen as a key driver in the cyber threat landscape. When combined with the challenges of definitive and timely attribution, a threat actor that emerges quickly could inject a high level of geopolitical instability into a conflict that would be more difficult to anticipate than traditional military changes in the balance of power, such as acquisitions of new weapons.”
Low Entry Barriers & Plausible Deniability
The key reason for the emergence of cyberattacks by threat actors to target nation-states is the low entry barrier. There is no regulation of cyberattacks with international agreements slowly coming into place, prioritizing data and intelligence sharing. Cyber actors freely sell their capabilities to other parties on an open marketplace which is extremely difficult to track.
While cyber warfare is increasingly common, all nation-states maintain plausible deniability so that they cannot be directly linked to these events. This lack of transparency and traceability enables threat actors, whether sponsored by a state or not, to operate with impunity. There were many reports of Russian elements influencing the United States presidential election in 2016 but they were all categorically denied. In 2017, Russia’s President Vladimir Putin suggested that “patriotic” Russian citizens might be engaged in hacking to join the “justified fight against those speaking ill of Russia”.
Another example of this was the devastating cyberattack on Sony Pictures in 2014 which leaked a variety of confidential data, while also erasing data. While a hacker group called the Guardians of Peace took responsibility for the attack, the United States alleged that the attack was conducted by North Korean hackers. North Korea denied all responsibility for the attack.
Shaping public opinion
What these two examples make clear is that attacks on infrastructure and other assets will continue with nation-states secretly using non-state threat actors to carry them out, hence ensuring that it cannot be traced back to them.
It’s also important to understand that cyber warfare doesn’t necessarily only mean cyberattacks. They can be in far more insidious ways as well – shaping public opinion through social media, influencing elections, planting disinformation and fake news. There’s no limit to the extent to which public opinion can be influenced.
Ultimately, defending against this kind of warfare is both a state and an individual responsibility. Some enterprises may be at more risk than others – defence organizations and/or military installations should ensure they have strong and stringent cybersecurity checks in place. From an individual perspective, the lesson is the same – stay vigilant and verify everything you see on social media.