01. What does Cyber warfare mean?
It is any virtual conflict initiated as a politically motivated attack on an
enemy’s computer and information systems. In simple words, cyber warfare is
the use of hacking to conduct attacks on a target’s strategic or tactical
resources for the purposes of espionage or sabotage.
Cyber warfare attacks can disable official websites, networks and also
disrupt or disable essential services, steal or alter classified data and
break down financial systems, among many other possibilities.
02. How does cyber warfare work?
Hackers that are in the military of a said state or hackers that are
sponsored by the said state attack computers and networks that are
involved with sensitive resources within a country. This procedure is
similar to how a hacker works normally, they collect information about
the system and find out loop holes and weak spots. The hackers then
gain control of the said system or destroy it.
If hackers simply choose to gain control, then they can read
privileged information not meant for them and they can exploit to gain
advantage. And also sabotage people in various ways, from blackmailing
them to luring them out of their security and killing them.
A good example of cyber warfare is in using DDoS (Distributed Denial
of Service Attacks) to shut down access to government websites and
social media, an effective tactic used by the Russians during the
South Ossetian War in 2008.
Who does it target?
Will target any sensitive industry in your opponent’s infrastructure.
This means obvious stuff like the military and defense and weapons
The worst part is that cyber warfare could target a country’s
population; the most important strategic asset of a country. A hacker
could launch terrorist attacks, i.e. doing scary things like hitting
major financial sectors and causing economic damage to the country’s
economic or abruptly terminating public communication.
04. Controversy over terms…
Eugene Kaspersky, found of Kaspersky Lab, concludes that “cyber
terrorism” is a better term than “cyber warfare”. He states that “with
today’s attacks, you are clueless about who did it or when they will
strike again. It’s not cyber war but cyber terrorism.”
In October 2011 the Journal of Strategic Studies, a leading journal in
that field, published an article by Thomas Rid, “Cyber War Will Not
Take Place” which argued that all Cyber-attacks motivated by politics
are merely sophisticated versions of sabotage, espionage, or
subversion and that it’s is highly unlikely that a Cyber war will
occur in the future.
Some experts, however, believe that this type of activity already
constitutes a war.
05. Protection against attacks
The most effective protection against Cyber warfare attacks is
securing information and networks. Security updates should be applied
to all systems -- including those that are not considered critical --
because any vulnerable system can be co-opted and used to carry out
attacks. Measures to mitigate the potential damage of an attack
include comprehensive disaster recovery planning that includes
provisions for extended outages.
06. Example of Cyber warfare:
• In 1998, the United States hacked into Serbia's air defense system
to compromise air traffic control and facilitate the bombing of
• In 2007, in Estonia, a botnet of over a million computers brought
down government, business and media websites across the country. The
attack was suspected to have originated in Russia, motivated by
political tension between the two countries.
• Also in 2007, an unknown foreign party hacked into high tech and
military agencies in the United States and downloaded terabytes of
• In 2009, a cyber-spy network called "GhostNet" accessed confidential
information belonging to both governmental and private organizations
in over 100 countries around the world. GhostNet was reported to
originate in China, although that country denied responsibility.
Mandeera is an undergraduate of
Institute of Information and Technology following Bachelor in Software
Engineering and currently working as Intern - Information Security
Engineer at Sri Lanka CERT|CC