Cyber warfare is the new tool of statecraft allowing countries to project power, influence events, and achieve strategic objectives without the use of traditional military
force. Cyber warfare is not just about hacking and data breaches but encapsulates shaping the information environment, manipulating perceptions, and undermining
credibility of institutions. It is a domain which like a shapeshifter is continuously evolving, more so with regular technical breakthroughs. The evolving nature of these threats continues to challenge governments, organizations, and individuals in their efforts to enhance cybersecurity and resilience.
The proliferation of cloud computing, 5G networks, and the increasing reliance on digital infrastructure have expanded the potential attack surfaces while, the rise of Artificial intelligence and myriad technologies like IoT etc spawned as a product of symbiotic nourishment have also contributed in sharpening the serrated edges of Cyber Warfare. An outcome of this synergy has been the convergence of Cyber & Physical worlds wherein the consequences of actions in cyber domain easily spill over and manifest in multiple domains.
Recent Manifestations of Cyber Warfare
There is a necessity of scanning the contours of recent events which have lifted the shroud of secrecy and denial and brought Cyber Warfare back in glare of geopolitical sensitivity. These incidents highlight the growing prevalence and sophistication of cyber warfare tactics employed by state and non-state actors to achieve various strategic, political, and economic objectives.The ongoing conflicts around the world provide valuable lessons and insights into the evolving nature of cyber warfare, as evidenced below:
(a) NotPetya Malware Attack (2017) attributed to the Russian military intelligence agency GRU, caused widespread disruption and billions of dollars in
damages globally.
(b) WannaCry Ransomware Attack (2017) attributed to the North Korean hacking group Lazarus affected hundreds of thousands of computers in over 150 countries, disrupting critical services, including the UK’s National Health Service.
(c) SolarWinds Supply Chain Attack (2020) attributed to the Russian-backed hacking group APT29, compromised the software supply chain of the IT
management firm SolarWinds, allowing attackers to gain access to numerous government agencies and private companies.
(d) US Cyber Attacks on Iranian Missile Systems (2019) disrupted Iran’s ability to target oil tankers in the Strait of Hormuz, as a response to Iranian attacks on US
assets.
(e) Cyber Attacks on Critical Infrastructure.
- Attacks on Ukrainian Power Grid (2015 and 2016) attributed to the Russian hacking group Sandworm temporarily disrupted the power supply in Ukraine.
- Triton/ Trisis Malware Attack (2017) targeted an industrial safety system at a petrochemical plant in Saudi Arabia, potentially aiming to cause physical damage.
- Attacks on US Water Treatment Facility (2021) attempted to increase the levels of sodium hydroxide in the water supply of a Florida water treatment plant, highlighting the vulnerability of critical infrastructure.
- Colonial Pipeline Ransomware Attack (2021) targeted the largest fuel pipeline in the United States. The DarkSide, a hacker group believed to operate out of Eastern Europe, was behind the attack, leading to shutdown of operations and fuel shortages across the Eastern Seaboard.
(f) Cyber Espionage and Intellectual Property Theft.
- Equifax Data Breach (2017) linked to a Chinese military hacking unit. exposed the personal and financial information of over 147 million people.
- Ongoing Cyber Espionage Campaigns by Chinese authorities targeting government agencies, defense contractors, and high-tech companies to steal sensitive information and intellectual property.
(g) Political and Economic Interference.
- During the 2020 U.S. presidential election, there were concerns about potential foreign interference, including cyber-enabled disinformation campaigns and attempts to compromise election infrastructure.
- In the lead-up to the 2020 Tokyo Olympics, which were postponed to 2021 due to the COVID-19 pandemic, the event faced a series of cyber attacks, including attempts to disrupt the games and steal sensitive information.
- The 2022 Winter Olympics in Beijing were also targeted by cyber attacks, with the Olympic Destroyer malware being detected, potentially aimed at disrupting the event.
As can be deduced from the technology, tactics and diverse targets transcending any particular convention or domain, there are alarm bells sounding out the surreptitious and sinister transformation of Cyber Warfare into a different entity altogether, laying to waste all accumulated conventional wisdom and therefore needing careful scrutiny and monitoring to enhancing readiness for a calibrated response.
(The author has provided 24 years of dedicated cyber security expertise to the Indian Army.)
