Cyberwarfare: How Real is the Threat?

It seems that in recent months cyberwarfare has finally broken through to the general consciousness. The new documentary, The Perfect Weapon, breaks down the rise of cyberwarfare between nations and how it’s become the new normal (make sure you take a look – it is a reality check). Cyberwarfare’s dangers were a hot topic as the United States elections approached, and the Covid-19 pandemic has shown us just how reliant we are on information technology—and how quickly cyberattacks can unfortunately turn deadly.

This is not a surprise to us at Digital Peace Now. It was only a matter of time before this important subject became a regular feature on the frontpages of newspapers. It’s already a massively important issue to a great number of people globally. Over the summer, we conducted a survey on how citizens around the world feel about cyberwarfare, and the Citizens on Cyberattacks Report found that irrespective of whether you live in South Africa, France, or the United States — you are concerned about online threats. In fact, the survey revealed that 9 in 10 interviewees agreed that our way of life is at risk if nothing is done to address the threat of cyberwarfare.

We have come a long way since the 2007 distributed denial of service attacks on Estonia that marked the first widely acknowledged occurrence of cyberwarfare — and not in a positive way. Looking back, those attacks seem pretty harmless.

Only a few short years later, our understanding of what is possible online shifted again. In 2010, Stuxnet became the first cyberattack to result in destruction in the real world. It targeted supervisory control and data acquisition (SCADA) systems, and was responsible for causing substantial physical damage to the Iranian nuclear facilities, and, by extension, their nuclear program. The Shamoon attacks discovered in 2012, showed the world that a virus can knock a company offline in a matter of minutes. Over 35,000 computers were “bricked” at Saudi Aramco.

However, it was the Snowden revelations in 2013 that brought home the reality that the internet can also be used for mass surveillance, a practice perfected by authoritarian regimes. The 2015 attack on the United States Office of Personnel Management also highlighted that countries cannot only observe what is happening on a particular network, but extract vast amounts of confidential data.

2017 brought us the most dramatic illustration of the potential impact of cyberwarfare. The WannaCry and NotPetya ransomware attacks spread like wildfire all over the world. The interconnectedness central to the Internet, being the wonderful tool it is, has left us vulnerable to state-sponsored cyberattacks — even if we are not the intended target. During NotPetya, widely understood as a Russian attack intended to disrupt Ukraine, the radiation monitoring system at Ukraine’s Chernobyl Nuclear Power Plant went offline. Several Ukrainian ministries, banks and metro systems were also affected. Elsewhere, the British advertising company WPP, Maersk Line, American pharmaceutical company Merck & Co., Russian oil company Rosneft, multinational law firm DLA Piper, French construction company Saint-Gobain and its retail and subsidiary outlets in Estonia were among those accidentally caught in the attack’s crosshairs. A few short days earlier, WannaCry knocked hospital systems offline, resulting in massive cancellations of medical appointments and procedures, including critical surgeries.

Meanwhile, mis- and disinformation attacks have become a popular attack technique. It’s widely accepted that Russian hackers pursued an “influence campaign” to manipulate the 2016 elections in United States. Similar attacks are associated with the French election and the Brexit referendum in the United Kingdom. Such malignant mischief has only ramped up since then.

The most frequently targeted sector has been non-governmental organizations (NGOs), such as advocacy groups, human rights organizations, nonprofit organizations, and think tanks focused on public policy, international affairs, or security.

Despite a substantial increase in the level of nefarious activity, as well as a substantial increase in the number of state actors playing in this field, we have, thankfully, not yet seen a cyber-Armageddon that many have predicted. Tearing everything down is just not in anyone’s interest. But as you have seen above, you should worry even if you assume your organization would ever be a target.

A recent Microsoft report found that state actors often conduct intrusions in pursuit of larger strategic objectives, which they view as critical to the stability, prosperity, and sometimes survival of their home nations. What their next move will be to achieve those goals is very difficult to predict.