Cyber warfare and terrorism are distinct yet interrelated concepts that have gained increasing relevance in the contemporary digital age. While cyber warfare pertains to the use of digital means of communication by state or non-state-based actors to conduct offensive and defensive attacks, cyberterrorism refers to the critical use of technology by individuals or organizations, such as terrorist groups or individuals, to inflict harm on a target. This essay aims to collate and contrast cyber warfare and terrorism, highlighting their similitude and dissimilarities. Additionally, it provides examples of modern cyber warfare and terrorism events, illustrating the gravity of these phenomena. Finally, the essay concludes by underlining the importance of studying cyber warfare and terrorism and providing directions for future research.
The worldwide internet (WWI) Internet becomes an indispensable part of humans around the world. The emerging condition of Information and communications technology (ICT) modernization is moving forward rapidly. Digitalization has transformed the internet, people, process, and technology into a new form of cyber existence. Due to the increased reliance on ICT, it has also resulted in new forms of cyber threats, which includes cyber warfare and cyberterrorism. The definitions and implications differ from one another. Both forms of attacks refer to the use of network infrastructure to carry out attacks on governments, organizations, or individuals.
Cyberwarfare involves the use of offensive and defensive technology in military operations, while cyberterrorism involves the use of technology by non-state actors in terrorist activities [1–4]. The nature of cyberwarfare provides greater privilege to the attacker to cause unprecedented threats to national security, military, organizations, and individuals. Cyberwarfare and terrorism definitions and concepts are not obliged to one perspective; it’s very important to agree on what it means to this essay. In addition, many phenomenological frameworks defined the traditional and modern attack patterns with security incidents and statistics [5–10]. A foundational understanding of past and current cyber battlespace is crucial. Examining the most recent Cyber Warfare concepts, information, methodologies, arsenals, cyber field, laws, regulations, and mapping them to the current and future events via this academic essay.
Background
Since ancient times, the significance of information you have and know is always part of the conflict, the need-to-know desire attempt to facilitate the factual details about the enemy and obliges you to take precautions, preparations and protect from attacks. In the modern era, the evolution of physical warfare attacks is converged and subsumed into Network-centric Warfare (NCW) factors and assessment values[11–12]. The rise of cyber threats can be mapped to cyber warfare due to connectivity becoming an indispensable part of our normal world.
Despite the advent of modern technologies, the fundamental of any armed conflict remains the same, only the advancement and narrative of political objectives and country-specific organized cyber violence [13]. The characteristic of warfare amplifies the origin of the society, cause and contours of the underlying principles are prevailed by values and reality. Thus, cyberattack can trigger a greater threat to the society and country where next generation critical infrastructure advancement projects are enforced.
Types of cyber threats
Different types of cybercrime are not directly relevant to this study, however it’s crucial to understand the underlying models and how they were interconnected, to clearly differentiate between objectives of cybercrime, cyberwarfare, and cyberterrorism [14–17]. The cyber offences in cyberspace are highly likely a state sponsored and/or indirectly supported through a regime’s interest. The cyberattacks and offenders are classified into the five types as shown in Figure 1.
1. The obtrusive reconnaissance.
2. Political ideology.
3. Intellectual property (IP) theft.
4. Cyberfraud.
5. Information disclosure.
Cyber warfare refers to the use of technology in military operations to disrupt, deny, or destroy the information assets and to halt the operations of the adversary to the ground level. The paramount importance is to take a strategic advantage in a conflict. Cyber warfare involves activities such as digital espionage, surveillance, spreading falsified misinformation about the country and/or war attributions, network attacks, and causing severe economic disruptions. Cyber warfare operations are conducted by state bodies and/or indirectly state-supported proxies operated in the grey areas, which have the resources and capabilities to execute such large-scale cyber-attacks against the intended target nations.
Similarly, cyber warfare is characterized by Advanced persistent threat (APT) operations, which includes reconnaissance, draft, delivery, exploit, install, command, and control centre (C&C), and final actions on the target resources, and a well-defined command structure to assist them to operate virtually, without a trace [18–19]. Cyberwarfare aims at achieving strategic objectives, which can be realized through a gradual escalation of APT lifecycle procedures [20].
Critical infrastructure-Vulnerable to cyberwarfare
The challenges and impacts associated with cyberwarfare is beyond the offensive mechanism capabilities, state bodies are considering using defensive mechanism to protect the critical infrastructure from cyberwarfare attacks [21–22].
Examples of Cyberwarfare groups and case studies:
The following section highlight some of the key events carried out by each nation against their target through various warfare protocols. The importance of conducting a cyberwarfare is unique to each country’s economic, political and warfare interests.
1. Democratic People’s Republic of Korea (DPRK):
A powerful DDoS attack was conducted by DPRK and took down the US and South Korean government and commercial websites on July 4, 2009, to cause panic and severe disruptions to the ICT networks [23–24].
2. China:
After the USA and Russia, China comes third as one of the most powerful countries in cyber warfare [25]. The technical and non-technical methods of China in cyberwarfare are classified as follows.
2. Computer networks.
3. Electronic environment.
4. Psychological operations.
3. Israeli attack on Syrian Nuclear Site:
On 6 September 2007, Israel successfully conducted espionage electronic attack techniques and infiltrated the Syrian air defence networks to bomb a nuclear site at Dayr az-Zawr, without being engaged or even detected by the Syrian defence and offence network systems [26].
On June 14, 2009, during the civilian presidential election protests, a vast number of DDoS and espionage attacks were carried out against the government websites to cause severe disruption [27].
On April 21, 2009, the US government’s Joint Strike Fighter project was compromised by Chinese hackers and several terabytes of data were stolen in that incident. Two months later, in July, a wave of DDoS attack operation was carried out against 25 US government websites, and all these domains were made inaccessible by civilians and officials for several days till the restore point [28–29].
A malware USB flash drive was inserted into a military laptop and classified information was stolen and transferred to a different network by foreign intelligence forces.
A Stuxnet powerful worm was inserted into the Iranian nuclear programmer via USB stick to target and destroy the SCADA network; this attack compromised 60 per cent of the hosts’ system and halted the operations for several months. The malware was a result of a joint cyber operation by the US and Israel. This is an example of cyber warfare where a nation-state uses technology to achieve a military objective [30].
On December 2016, Russian hackers conducted a cyberattack against the Ukrainian power grids, compromised 99% of the SCADA network, and disrupted one-fifth of the city’s power consumption for several hours [31].
Cyber-terrorism refers to the use of technology to intimidate or coerce civilians and governments. It involves the use of ICT computer networks to carry out terrorist activities, such as disrupting critical infrastructure, stealing confidential information, banking, IP’s, power, and spreading propaganda can have serious consequences on public safety and national security. Cyber-terrorism is different from traditional terrorism in the sense that it does not require physical proximity to the target, making it easier for attackers to remain anonymous. Cyber-terrorism is a threat to both individuals and organizations, and often leads to devastating financial losses.
For example, a cyber-attack on critical infrastructure such as the power grid, water systems, or transportation networks could cause significant physical harm and loss of life. Cyberterrorism is also characterized by the absence of a well-defined command structure and extensive planning. Cyberterrorists can conduct cyber-attacks from virtually anywhere in the world, using simple tools such as open-source and commercial tools, laptop, and an internet connection. Cyberterrorism aims at achieving immediate results, which can be accomplished through a single cyber-attack [32–34].
Examples of Cyber-terrorism groups and case studies
1. Sony Pictures Entertainment Attack-Private sector
In 2014, the Guardians of Peace group hacked into Sony Pictures Entertainment and stole sensitive data, including financial records and emails. The attack was intended to intimidate and coerce the entertainment industry and cause panic in the public. The attack compromised the confidentiality of sensitive information, destroyed critical systems, and caused economic damage to the Sony company. Furthermore, the group demanded the cancellation of a film portraying the assassination of North Korean supreme commander Kim Jong-un. This is an example of cyberterrorism, where non-state actors use technology to achieve political objectives [35].
2. Bangladesh bank hack-Government sector
In 2016, a hacker managed to hack the SWIFT network applications with employee’s credentials in the Bangladesh bank and altered the files to transfer $81 million dollars into Rizal Commercial Banking Corporation in the Philippines via four different transactions [36].
3. WannaCry ransomware attack-Affected General Public
In 2017, the WannaCry ransomware attack was carried out at large-scale, which affected over 200,000 computers in 150 countries across the globe; it was a prominent example of cyberterrorism as it caused widespread disruption and financial damage [37].
The definitions of cyber warfare and cyberterrorism vary across different groups, and this has implications for policy and legal frameworks. Governments define cyber warfare differently based on their military capabilities and objectives. Cyber warfare and cyberterrorism share some similarities, but they also have distinct differences.
For instance, both involve the use of common technology to achieve malicious objectives, however, the designated targets and consequences are different. Cyber warfare is conducted by state bodies as part of their national military strategy, and it is aimed at disrupting the critical infrastructure of other countries or gaining intelligence. In contrast, cyberterrorism is conducted by non-state actors as part of their political agenda, and it aims to inflict harm on a target.
Another difference is the level of sophistication involved in the attack patterns. Cyber warfare involves highly skilled and advanced techniques, whereas cyberterrorism can be carried out by individuals with basic cyber skills. On the other hand, cyberterrorism is not recognized as a separate offence under international law and is often classified under other forms of terrorism.
The impact of cyberterrorism is also significantly high. Damages caused by cyberterrorism include data breaches, intellectual property theft, network outages, and system disruptions. Furthermore, cyberterrorism can result in social unrest and economic losses. Cyber warfare operates within a well-defined command structure and a set of rules of engagement, while cyberterrorism does not adhere to conventional norms and standards of warfare. Finally, cyber warfare prioritizes strategic objectives, while cyberterrorism aims at immediate results [38–40].
In conclusion, cyber warfare and cyberterrorism are two distinct fields, that cause a significant global security threat that requires increased awareness, understanding, and cooperation among various stakeholders on the global stage. While cyber warfare and cyberterrorism share a common objective, their differences in terms of threat actors, command and control structure, planning, and objectives are prodigious. The definitions of cyber warfare and cyberterrorism may vary across different groups, emphasizing the need for a more nuanced understanding of these two concepts, whereas interrelated concepts have significant implications for national security and public safety.
On the other hand, regional terrorism is an international threat that requires a global effort to mitigate and eliminate violence. Finally, the examples provided demonstrative the real-world impact of cyberattacks and the need for increased vigilance in securing critical infrastructure both militarily and for the public. In the future, research should be focussed on exploring the implications of these threats on national security and the legal frameworks governing them.
— — — — — — — — — — — — -THE END — — — — — — — — — — — —
Quote of the day: 女心と秋の空 (Josei to aki no sora).
Explanation: If you want to know what’s happening in the heart of a woman, look closely at her eyes. The quote is often used in literature, poetry, and media in Japan to evoke the beauty and mystery of women’s emotions.
Thanks for reading!
Have a pleasant day!
Also published here.