Cyber Warfare: Security Measures Against Cyber Threats
The modern military campaign, with its traditional army branches such as infantry, artillery, and aviation, also includes an extensive cyber branch. This is a branch of the armed forces we don’t typically see, but it is a crucial part of modern warfare.
Cyber warfare introduces a whole new dimension of war capable of bypassing the front lines and wreaking havoc on the enemy’s technological infrastructure. But what exactly is cyber warfare? What constitutes an act of cyber war? Is it the future of war?
What is cyber warfare?
Although there is no clear official definition of what constitutes cyber warfare, experts generally agree that the term refers to a state-on-state cyber attack equivalent to an armed attack that could trigger a military response. Usually, cyber warfare comprises a variety of digital attacks that explicitly aim to sabotage, damage, or spy on the alleged enemy.
What are the goals of cyber warfare?
As with any military effort, the aim of cyber warfare is to gain advantage over an opponent. The central goal of any coordinated wartime cyber attack is to disrupt, damage, weaken, and if possible even destroy the alleged enemy’s IT infrastructure. Some efforts of cyber warfare might be focused on espionage or sabotage in order to gain information and possibly distract or manipulate the opponent to better the attacker’s position.
Types of cyber warfare attacks
Cyber warfare includes a large variety of digital attacks. Here are some of the most common types of attacks.
Phishing is a type of cyber attack that utilizes emails as a primary vector of attack. Usually, a phishing attack uses disguised email as a weapon. The attackers design their messages carefully so they appear trustworthy. The simple objective of a phishing attack is to trick unsuspecting users into believing that the email is authentic and something that they should read, and in most instances, act upon. For instance, the recipient might be encouraged to download an attachment or click a suspicious link.
Malware attacks are attacks that involve the spread of malicious software, which is usually designed to cause damage to a computer system, whether it is a server, client, or even a network. In most cases, malware attacks are devised with the intent to steal sensitive data, steal important credentials, and gain unauthorized access to wider systems, which could allow attackers to further carry out their malicious mission.
Technically, ransomware attacks can be considered malware attacks. However, ransomware is a very specific kind of malware designed by cyber crooks to deny a user or organization access to their files stored on the computer system. This is done with encryption. During the attack, the malicious piece of software encrypts large quantities of files. Essentially, encryption is a way of encoding information so that only people who have the necessary key to decode it can read it. Successful ransomware attacks can take out large IT infrastructures and heavily disrupt operations of any organization that relies on network communications to function.
A distributed denial of service attack – otherwise known as a DDoS attack – is a malicious attempt to disrupt the regular traffic of a targeted server or network by flooding the target with fake internet traffic. What makes DDoS attacks different from other types of attacks is that their purpose is not to cause direct damage to a system or a network but rather to disrupt it and make it unavailable to its regular users. DDoS attacks can be executed in short bursts and can act as a distraction while other more invasive actions take place.
Propaganda attacks generally refer to the use of contemporary means of digital communication to manipulate the public's perception towards a specific point of view about certain events. The crooks behind propaganda attacks use a variety of techniques, including the creation of fake documents, which turn into fake news and are disseminated over social networks to encourage further chaotic reactions.
Cyber espionage is a type of cyber attack that is designed to gain unauthorized access to a computer or network system in order to steal classified data. Cyber espionage attacks may be deployed in conjunction with military operations. The impact of cyber espionage attacks can disrupt public services and infrastructure.
Cyber warfare examples
Over the years, a large number of cyber attacks have been an important part of cyber warfare. Here are some of them.
Stuxnet is a malicious piece of software that traveled via USB stick and spread through Microsoft Windows computers. The virus was designed to search infected computers for Siemens Step 7 software, which was used to monitor electro-mechanical equipment. Once a computer running the specific software was found, Stuxnet sent damage-inducing instructions to the monitored equipment. Widely believed to have been developed by the United States and Israel, Stuxnet played a major role in destroying numerous centrifuges in Iran’s Natanz uranium enrichment facility by causing them to burn themselves out.
Blackouts in Ukraine
Two days before Christmas in 2015, Russian hackers caused the very first blackout induced by a cyberattack. They had successfully managed to turn off the power of a vast number of Ukrainians in Kyiv and other cities. The cyber crooks behind the attack used what has come to be known as Crash Override – a malicious piece of custom-built software designed to automatically initiate a power-killing process by sending rapid commands to circuit breakers in a victim’s utility.
Back in 2017, the world faced probably one of the most destructive malware attacks to have ever been deployed. The Kremlin-backed attack targeted Ukraine with the intention to cause widespread damage and deter organizations from doing business with Ukraine. NotPetya affected a large portion of the Ukrainian network. At first glance, NotPetya was identified as ransomware. However, over time researchers and experts discovered that NotPetya’s demand for a ransom in return for decryption services was disingenuous. Essentially, the malicious application irreversibly encrypted the master boot records even of those willing to pay. In reality, the decryption key simply did not exist. The scale, motive, and precedent that NotPetya set are alarming: $10 billion in damage and loss of goods, services, and opportunities.
Recently, the UK National Cyber Security Centre (NCSC), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) in the US have identified a new strain of malware that came to be known as Cyclops Blink. The researchers behind the investigation think that it is a replacement framework for the VPNFilter malware exposed in 2018, which exploited network devices and network-attached storage (NAS) devices.
According to experts, the malicious piece of software, much like its predecessor, can be leveraged for traffic manipulation, destruction of host devices, the exploitation of downstream devices, and the monitoring of Modbus SCADA protocols. All of this can translate to major network disruptions and huge data losses.
How to protect yourself against cyber warfare
Cyberwarfare is not a prospect of the distant future. It is a part of reality today. Being aware of what it is and how it works is essential if you wish to stay secure during times of uncertainty. To help you do just that, we’ve prepared a few essential security tips that you should practice in case you ever face a cyber emergency.
Use strong and unique passwords for all your accounts
Passwords are our first line of defense against unauthorized access to our accounts from others. However, many of us tend to practice password hygiene that security experts would dub questionable. A lot of us use easy-to-remember passwords across multiple accounts, which is an invitation to be hacked or breached.
Strong, unique passwords should guard online accounts. What we consider a strong password should be at least 12 characters long and include upper- and lowercase letters, numbers, and special characters. The problem with such passwords is that they are almost impossible to remember. This is where password managers enter the picture and make everyone’s life easier. Usually, password managers also offer password generator services, which help users with password creation.
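An added example, not from the original article, of what a password generator does for the policy described above: it draws characters from a cryptographically secure random source and checks the result against the length and character-class rules. The names `policy_failures` and `generate_password` and the 16-character default are assumptions made for this sketch.

```python
import secrets
import string

# Policy from the text: at least 12 characters, mixing upper- and lowercase
# letters, numbers, and special characters.
MIN_LENGTH = 12
CLASSES = {
    "lowercase": string.ascii_lowercase,
    "uppercase": string.ascii_uppercase,
    "digit": string.digits,
    "special": string.punctuation,
}
ALPHABET = "".join(CLASSES.values())


def policy_failures(password):
    """Return the names of the policy rules the password does not satisfy."""
    failures = []
    if len(password) < MIN_LENGTH:
        failures.append("length")
    for name, chars in CLASSES.items():
        if not any(c in chars for c in password):
            failures.append(name)
    return failures


def generate_password(length=16):
    """Generate a random password that satisfies the policy.

    Characters come from the OS CSPRNG via `secrets`, not the predictable
    `random` module. Whole candidates are drawn uniformly and rejected until
    every class is present, so no position is forced to a fixed class.
    """
    if length < MIN_LENGTH:
        raise ValueError(f"length must be at least {MIN_LENGTH}")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if not policy_failures(candidate):
            return candidate


if __name__ == "__main__":
    print(generate_password())
    # Constructed weak sample: too short, no uppercase, no special character.
    print(policy_failures("password123"))
```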
Use unique usernames where possible
While it is mostly true that reusing usernames across multiple accounts is not as bad as reusing passwords, it still introduces certain risks that can be avoided. As with passwords, using a single username on multiple accounts allows bad actors to identify you more quickly and cause damage across all your online accounts simultaneously. Coming up with a new username every single time you sign up for an app, website, or service online can be a challenge, but there’s a solution for that – username generators, which instantly create a secure and unique username.
Use multi-factor authentication
Multi-factor authentication, also known as MFA, is a method of authentication that grants the user access to a specific website or application only after the user successfully presents multiple pieces of information to the authentication mechanism. You can think of it as an extra layer of security that makes it harder for cyber crooks to get unauthorized access to your accounts. These days, MFA is available on most online platforms and applications. Usually, it takes the form of an authenticator app that receives a code that you need to enter in order to log in.
Avoid using public Wi-Fi
Using public Wi-Fi usually means using a network that, in most cases, is not secure. While public Wi-Fi can come in handy, we highly recommend thinking twice before using it for anything that might involve sensitive information. Once you are connected to an unsecured public Wi-Fi hotspot, a variety of attack vectors are open for bad actors. Hackers may be able to position themselves between you and the connection point. In such a case, you would be sending out information straight to a devious party rather than a Wi-Fi hotspot. Cyber criminals are also known for their use of public Wi-Fi infrastructure to spread malware.
Use a VPN to secure your connection
A virtual private network, or VPN, is a technology that creates a secure tunnel for information flow when a device is connected to the internet. That data flow is encrypted to ensure its security. With a VPN you can feel safe when connecting to public Wi-Fi networks. A VPN also hides your IP and can help you change your geolocation. It is important to note that a VPN is first and foremost a security tool designed to ensure a secure connection to the internet.
Use antivirus software and update it regularly
To further improve your overall cybersecurity posture, it is a good idea to install and run an antivirus tool on your computer. Antivirus tools are primarily used to detect and inform users about potential threats that may enter their system. However, for an antivirus tool to function effectively and efficiently, it is crucial to update it regularly. Developers issue updates to ensure that the software is capable of detecting the newest strains of computer infections. Miss an update and you might be in for a not-so-pleasant surprise.
Don’t leave your devices unattended in public places
Last but not least, leaving your devices unattended could have consequences far worse than the loss of the device. Just think about it. These days, we use our laptops and mobile devices for everything, from shopping to baking. Information stored on those devices is far more valuable than the device itself. Make a habit of never leaving your devices out in public. To ensure their security if they are ever stolen, make sure to set strong passwords or codes to protect them from prying eyes.
While cyber warfare is a part of a military effort, which in most instances is led at a national level, civilians play a major role in it. By taking simple steps to improve their overall cybersecurity, individuals improve the state’s security in general. We’re all part of the team when it comes to cyber warfare.