As its name suggests, cyber warfare is the use of technology to attack information networks to causing incomparable harm and sometimes actual warfare.
It is the causing of disruption, damage, destruction or death by remote means and often involves issuing threats on social media platforms.
Although there are few examples of real-world cyber warfare it is of growing concern to many.
Governments are becoming increasingly aware of reliance on computer systems that drive everything from communications, banking, medical and transport networks. An attack on any or all of these systems is potentially just as damaging as a traditional military campaign of weaponry.
The British army has a dedicated cyber warfare division. Its reports claim the consideration of scrapping its fleet of Challenger 2 tanks in order to dedicate further defence funding towards cyber, space, and other emerging military technologies.
Cyber warfare is harder to trace with malware secretly embedded into a system.
Often, state-sponsored attacks go unclaimed giving room for endless speculation. There are occasions of hacking groups admitting the crime, and the issue is they’re rarely ever officially linked.
The tools of destruction bear an eerie resemblance to weapons commonly used in physical warfare attacks and ostensibly affect the target similarly.
Botnetsexist to launch distributed denial of service (DDoS) attacks that mark critical services and digitally slaughter commercial or priority services.
They can even simply exist as a diversion from other malicious cyber activities, such as attempts to infiltrate the network.
Spear phishing and social engineering are techniques deployed to have cyber criminals physically closer to the targeted systems. Threats from the inside pose a greater and more significant risk for any entity hoping to safeguard systems against intruders. It is potently valuable as far as hackers are concerned, in the ability to directly expose a network to threats, or enable the theft of sensitive data.
Multilevel attacks can be used to great effect. More than a decade ago an employee of an Iranian nuclear power site inserted a USB embedded with the Stuxnet worm, into an air-gapped system. It enabled the exploitation of multiple zero-day exploits where this malware searched for specific software running centrifuges, and commanded them to spin dangerously fast, and then sludgingly slow for a period of months.
All without being detected.
The centrifuges eventually broke and more than one thousand machines were rendered useless.
All this with security cameras installed.
So even if you get the best security camera installation, should your business, office, financial trading service or government department be the focus of a voice-of-the-people cyber attack, it is often only useful retrospectively, when the damage has already been done.
Most certainly, information technology vulnerability is a vulnerability, no matter how many minutes or months it has been breached, and despite the quantifiable damage ultimately experienced.