There is no consensus among experts as regards the definition of cyberwarfare. Political science professor Troy E. Smith argues that the term is a misnomer because there are no offensive cyberattacks to date that could be described as a war. However, ethicist George Lucas explained in his book that the term is an appropriate term to describe cyberattacks that can result in physical damage to people and properties in the real world.
Nevertheless, the threat from warfare transpiring in the digital realms has been brought up by governments or international political actors, groups and organizations, and the media. Countries such as China, Iran, Israel, the United Kingdom, the United States, and North Korea have developed offensive and defensive cyber operations capabilities.
Those who recognize the threat from cyberwarfare fundamentally believe that cyber-mediated attacks on digital assets and infrastructure can have a significant impact on the safety and security of people or disrupt the normal functions of an organization, a particular government office or agency, or the critical infrastructures of a country.
A Look Into The Types of Cyberwarfare
To understand further the scope of cyberwarfare, it is important to look at its different types and examples as demonstrated by numerous events from the past, as well as brought up by governments and cybersecurity experts. These range from espionage through signals intelligence and sabotage to propagation of propaganda and economic disruption.
Espionage is not an act of war. Several countries have maintained intel capabilities as part of maintaining national security and promoting national interest. However, in some instances, it can result in the escalation of tension between the perpetrator and the target.
Cyber espionage is a specific practice centered on the use of digital technologies to gather information without the permission and knowledge of the information holder. These include classified documents of the government, trade secrets and other intellectual property information of a company, and private information about an individual.
Of course, when applied as part of a cyberwarfare strategy of a particular country or organization, the purpose centers primarily on obtaining sensitive information on a particular target to gain some sort of competitive advantage or leverage.
Former computer intelligence consultant Edward Snowden exposed that the United States has a massive espionage program coursed through the National Security Agency. One of the targets he named was former German Chancellor Angela Merkel. Upon this revelation, Merkel complained to then-President Barack Obama and likened the NSA to the Stasi.
One of the alleged programs used by powerful countries such as the U.S. and the U.K. was the ECHELON program. It is an alleged global surveillance network program that works by intercepting transmissions transpiring in electronic forms of communication.
Note that the program was also created to monitor the activities of the former Soviet Union and the Eastern Bloc allies during the Cold War. Furthermore, it was alleged that the system has been used to target and monitor prominent political figures across the world, including American politicians such as then-Republican Senator Strom Thurmond.
Cyberattacks in important government assets and critical infrastructures can also be part of the overall warfare strategy of a country. Sabotage is another type of cyberwarfare. Certain assets and infrastructures are vulnerable to these cyberattacks.
For example, communication systems such as satellites can affect military operations, particularly by disrupting how a particular military force carries out and coordinates its orders and communications across a distance. The energy infrastructure of a country can also be subjected to cyberattacks to disrupt day-to-day activities.
The Stuxnet malware was discovered by security experts from Kaspersky Lab in July 2010. It infiltrated computerized factor equipment in different parts of the world. The New York Times considered its use as the first known attack on critical industrial infrastructure.
In a paper authored by David Kushner, he noted that Stuxnet was believed to be responsible for substantially damaging the Iranian nuclear-fuel enrichment program. The malware specifically targeted programmable logic controllers. These controllers automate electrochemical processes used in to control industrial equipment such as gas centrifuges.
Note that there are also other more specific types of cyberwarfare under the sabotage category. These include the use of denial-of-service attacks or DoS attacks to render networks inaccessible to users or the rollout of other malware intended to disable computer systems.
Digital technologies have also been used to disrupt an entire economy. The WannaCry and Petya ransomware attacks in 2017 resulted in a widescale disruption in Ukraine and the National Health Service of the U.K. It also affected the American multinational pharmaceutical company Merck and the Danish global shipping company Maersk.
Even the dissemination of propaganda through digital mediums such as the internet and the more specific social networking sites can also constitute cyberwarfare. Note that propaganda pertains to the control of information to influence public perception and opinion.
Hence, when used by a particular country as part of its cyberwarfare strategy and the overall warfare strategy, propaganda falls within the realms of psychological warfare. Note that cyber propaganda uses digital mediums of communication. These include websites, social media, electronic mail, and messaging services applications, among others.
Propaganda can take different forms and have different goals. The most common is to spread false information or disinformation intended either to discredit a particular persona or organization or create a positive perception about a particular subject.
Russia has been criticized to use online propaganda to influence public perception regarding the Russia-Ukraine War, specifically to rationalize the annexation of Crimea and the decision of Vladimir Putin to attack Ukraine in February 2022. Putin has also been credited for using a massive disinformation campaign to keep him in power.
Terrorist organizations have used the internet to promote radicalism beyond the borders of their countries of origin. Some have even succeeded in recruiting people to their cause. This has been exemplified in the radicalization of Western citizens by the Islamic State.
Note that the U.S. has been using propaganda to rationalize its actions. For example, in 2006, the U.S. Armed Forces launched the rapid response unit tasked to create and disseminate what it claims to be an informative propaganda aimed at countering alleged inaccurate narratives about the Iraq War that circulated across digital communication mediums.
Understanding the Motivations Behind Cyberwarfare
The different types of cyberwarfare also represent the specific purpose or motivation for such. Of course, from the perspective of national and global security, the motivation can be military. Remember that several countries have offensive and defensive cyberwarfare capabilities.
It is interesting to note that both the U.S. Armed Forces and the Armed Forces of the Russian Federation have included the aforesaid capabilities as part of their respective military strength. Note that hours before Russia attacked Ukraine in February 2022, analysts noted that a malware began circulating in the computer systems of the Ukrainian government.
What is more interesting to note is that analysts have warned that a cyberattack from a particular country to any one of the members of the North Atlantic Treaty Organization could possibly trigger Article 5 of the NATO Treaty or the collective defense doctrine.
Of course, when used as part of intelligence gather, the motivation can range from surveillance to maintain national security or to gather sensitive information that can be used to prevent future attacks. In addition, cyber espionage can be used to determine the military strategy of a possible aggressor or to gain either military or economic advantage.
A motivation grounded on gaining economic leverage can still be considered a form of cyberwarfare, especially if the aggressor intends to disrupt the economy of the target or victim, as well as to cause considerable economic and financial damage.
FURTHER READINGS AND REFERENCES
- Gibney, E. 2022. “Where Is Russia’s Cyberwar? Researchers Decipher Its Strategy.” Nature. DOI: 1038/d41586-022-00753-9
- Kushner, D. 2013. “The Real Story of Stuxnet.” IEEE Spectrum. 50(3): 48-53. DOI: 1109/MSPEC.2013.6471059
- Lucas, G. 2017. Ethics and Cyber Warfare: The Quest for Responsible Security in the Age of Digital Warfare. Oxford. ISBN: 9780190276522.
- Rayman, N. 2013. “Markel Compared NSA to Stasi in Complaint to Obama.” Time. Available online
- Smith, T. E. 2013. “Cyber Warfare: A Misrepresentation of the True Cyber Threat.” American Intelligence Journal. 31(1): 82-85. JSTOR: 26202046
- Richmond, R. “Malware Hits Computerized Industrial Equipment.” The New York Times. Available online