Cyber War: how it works

Cyberspace has become an extension of traditional battlefields, allowing nations to sustain damaging conflicts without physical confrontation, troops or machines.  

Table of Contents

What is Cyber War?

Cyber War involves the intentional invasion of another nations’ networks and computer systems for the purpose of causing damage to these systems. 

These attacks are carried about by international organizations or state-sponsored entities with the knowledge and resources necessary to cause massive damage to a nation’s network. 

Effects

Compromised personal and confidential data gives attackers access to secure networks and systems and can even be used for blackmail purposes. 

Governments that fail to protect themselves against cyber-attacks face national security and economic concerns. 

The main objective of cyber warfare is to gain an advantage over opponents. A nation can, for example, invade the infrastructure of the opposing country, stealing defense secrets, and collecting this information for use as industrial and military espionage. Here are a few cases that were published in the media:

The Stuxnet Case

One example of a sponsored attack was the Stuxnet malware case, which occurred in 2010. The Stuxnet malware was created to damage Iran’s computer-controlled nuclear power plant. This malware used stolen digital certificates to gain access to the computer system and caused the system to constantly shut down. The Iranians didn’t know what was going on at first but later identified that this malware was causing the issue. This discovery shows that malware is not only used for spying and stealing personal data, but can be used for political purposes as well.  

Hacking of the White House email system

On November 17, 2014 the US State Department email system was compromised by hackers. The network at the White House was hacked simultaneously, causing the systems to both be shut down for maintenance. The disruption put a temporary halt on employee email communication and internet traffic to US Government public websites. There is suspicion that the attacks were carried about by a state-sponsored entity, possibly Russian or Chinese.  

US government explicitly attributes authorship of cyber-attack to Russia

A White House task force investigating the widespread invasion of corporate networks and the US government reported on January 6, 2021, that Russia is likely to be blamed for the incident. 

The statement was made by the Cyber Unified Coordination Group, which includes the FBI, the Infrastructure Security and Cyber Security Agency (CISA), the National Security Agency and the Office of the Director of National Intelligence. 

The group concluded that the Advanced Persistent Threat (APT), probably of Russian origin, is responsible for most or all of the ongoing cyber compromises recently discovered, both in governmental and non-governmental networks.” 

Data report that 18,000 “customers from the public and private sectors” downloaded the malicious code deployed on the affected software update server. 

Creation of the Bureau for Cyberspace Security and Emerging Technologies (CSET)

Thinking precisely to protect national security and in preparation for an eventual cyber war that, the United States Secretary of State, Mike Pompeo, approved on January 7, 2021 the creation of the Bureau of Security for Cyberspace and Emerging Technologies (CSET). 

This organization’s mission is to reduce cyber conflict, deal with external cyber threats, protect cyberspace, and organize the security diplomacy of American cyberspace using emerging technologies. 

In the statement, China, Russia, Iran, and North Korea are all identified by the United States as national security threats, along with “other competitors and emerging technology and cyber adversaries”.  

Conclusion

It has been proven that most invasions occur because of the use of weak access credentials, easily stolen and manipulated by cybercriminals to access private networks.  

VaultOne prevents data breaches, protects the user and their access, records access sessions and provides logs for forensic analysis, useful for identifying data breaches. 

Talk to our team and find out how we can make your Organization safer.