April 2007 marked the first large-scale cyberattack on a nation when Estonia was hit by a series of hacks—allegedly sponsored by the Kremlin—that shut down the government, financial, and other websites and services across the country (Pamment et al., 2019). It took a month for the Estonian government and NATO cybersecurity experts to restore normal operations.
Cyberattacks are malicious attempts to damage computers, steal sensitive data, or exploit a compromised machine to launch further internet-based attacks. These attacks can cause massive damage to any country’s national security infrastructure. As the cyberthreat landscape expands in both nature and scope, attacks on digital devices, networks, and information systems have transformed how we think about war and terrorism.
Today, any digital device is a potential cyberweapon. The term “cyber warfare” refers to the practice of leveraging cyberattacks to harm nations and states by disrupting their cybersecurity. Cyberattacks carried out against a nation by state-backed hackers raise an important question: Can these types of virtual offenses trigger an aggressive military response offline?
How Dangerous Can Cyberattacks Be?
Technology is integral to business activities today, thanks to its ability to facilitate smooth operations, streamline processes, and improve customer experiences. But this increased digitization also has also made online enterprises and transactions larger and more appealing targets for hackers, leaving them more vulnerable to cyberattacks: Financial damages resulting from cybercrime are expected to reach $10.5 trillion by 2025 (Morgan, 2022).
Cyberattacks don’t just target individuals and businesses, however—they may also take aim at governments and nations, as in the 2007 Estonia attacks. Hacks against governments and the military rose by 47% between 2020 and 2021, making this sector the second most frequently targeted (Brooks, 2022). State-sponsored cyberattacks may also target other key organizations in a given country, such as NGOs, think tanks, and education institutions (Lambert, 2021).
Although the distinction between cyberterrorism and cybercrime isn’t always clear, cyber terrorists are generally characterized by their political, social, or ideological motivations (Yunos & Sulaman, 2017). Cyberterrorist attacks are intended to cause violence or incite fear in a target population—for example, by damaging critical infrastructures, stealing sensitive data, intercepting military communications, or promoting an extremist political agenda (Sheldon & Hanna, 2022; Yunos & Sulaman, 2017).
Can Cyberattacks Lead to Physical Warfare?
When cyberattacks are carried out using lethal means or weapons that threaten national security, they can develop into full-blown cyber warfare. Phishing, malware, Distributed Denial-of-Service (DDoS) attacks, ransomware, viruses, and cyber espionage are just a few of the cyberweapons that can disrupt government infrastructures, corrupt critical data, or lead to data theft that compromises national security and destabilizes critical systems.
On July 27, 2021, U.S. president Joe Biden cautioned staff and leadership at the Office of the Director of National Intelligence (ODNI) that cyberattacks could indeed escalate to physical warfare (Bose, 2021). President Biden warned that a major cyberattack on the United States could result in “a real shooting war,” pointing to the growing threat that Washington perceives to be posed by Russia and China (Bose, 2021, para. 3).
The Biden administration is reportedly treating cybersecurity as its top priority in the wake of the high-profile Kaseya, JBS, Colonial Pipeline, and SolarWinds hacks, among other recent headline-grabbing cyberattacks. Some of these attacks had far-reaching consequences that extended beyond the entities that the cyber attackers originally targeted, creating a ripple effect that affected fuel and food supplies in various parts of the United States.
In early July 2021, the United States, the United Kingdom, and their allies blamed China for sponsoring malicious hackers in a global campaign that included a large-scale cyberattack on Microsoft (Follain et al., 2021). In his speech to the ODNI, Biden stated that a serious state-sponsored cyberattack against the United States could instigate an actual war: “If we end up in a war—a real shooting war with a major power—it’s going to be as a consequence of a cyber breach of great consequence” (Bose, 2021, para. 3).
Minimizing the Aftermath of Cyberattacks
There is no turning back the clock on the technological progress the world is making each minute, especially when it comes to digital transformations. Today, the world depends on the internet and digital technology for the functioning of complex operations, making cyberattacks an unavoidable evil.
However, a skilled cybersecurity workforce can, to a great extent, minimize the severity of such attacks. At EC-Council University, preparing a robust workforce to meet the demanding challenges in the industry today is our core mission. Our online cybersecurity programs are mapped to in-demand skills and industry requirements, paving the way for students to pursue diverse cybersecurity career pathways.
Found this article interesting? Follow EC-Council University on Facebook, Twitter, Instagram and LinkedIn to read more exclusive content.
References
Bose, N. (2021, July 28). Biden: If U.S. has ‘real shooting war’ it could be result of cyber attacks. Reuters.
Brooks, C. (2022, January 21). Cybersecurity in 2022 – A fresh look at some very alarming stats. Forbes.
Follain, J., Leonard, J., & Mehrotra, K. (2021, July 19). U.S., U.K., allies tie Chinese government to Microsoft hack. Bloomberg.
Lambert, J. (2021, October 25). Microsoft Digital Defense Report shares new insights on nation-state attacks. Microsoft Security.
Morgan, S. (2022, January 19). 2022 cybersecurity almanac: 100 facts, figures, predictions and statistics. Cybercrime Magazine.
Pamment, J., Sazonov, V., Granelli, F., Aday, S., Andžāns, M., Bērziņa-Čerenkova, U., Gravelines, J.-P., Hills, M., Holmstrom, M., Klus, A., Martinez-Sanchez, I., Mattiisen, M., Molder, H., Morakabati, Y., Sari, A., Simons, G., & Terra, J. (2019). Hybrid threats: 2007 cyber attacks on Estonia. NATO Strategic Communications Centre of Excellence.
Sheldon, J., & Hanna, K. T. (2022). Cyberterrorism. TechTarget.
Yunos, Z., & Sulaman, S. (2017). Understanding cyber terrorism from motivational perspectives. Journal of Information Warfare, 16(4), 1–13.