Cyberwarfare is the use of cyber attacks against a nation-state, causing it significant harm, up to and including physical warfare, disruption of vital computer systems and loss of life.
According to the Cybersecurity and Infrastructure Security Agency, the goal of cyberwarfare is to "weaken, disrupt or destroy" another nation. To achieve their goals, cyberwarfare programs target a wide spectrum of objectives that might harm national interests. These threats range from propaganda to espionage to serious attacks that cause extensive infrastructure disruption and loss of life among the citizens of the nation under attack.
The threat of cyberwarfare attacks grows as a nation's critical systems are increasingly connected to the internet. Even if these systems can be properly secured, they can still be hacked by perpetrators recruited by nation-states to find weaknesses and exploit them. Major types of cyberwarfare attacks include the following.
Destabilization
In recent years, cybercriminals have been attacking governments through critical infrastructure, including such entities as transportation systems, banking systems, power grids, water supplies, dams, and hospitals. The adoption of the internet of things makes the manufacturing industry increasingly susceptible to outside threats.
From a national security perspective, destabilizing critical digital infrastructure inflicts damage on vital modern services or processes. For example, an attack on the energy grid could have massive consequences for the industrial, commercial, and private sectors.
Sabotage
Cyber attacks that sabotage government computer systems can be used to support conventional warfare efforts. Such attacks can block official government communications, contaminate digital systems, enable the theft of vital intelligence and threaten national security.
State-sponsored or military-sponsored attacks, for example, may target military databases to get information on troop locations, weapons, and equipment being used.
Data theft
Cybercriminals hack computer systems to steal data that can be used for intelligence, held for ransom, sold, used to incite scandals and chaos, or even destroyed.
The Center for Strategic and International Studies (CSIS) maintains a timeline record of cyber attacks on government agencies and defense and high-tech companies, as well as economic crimes with losses of more than $1 million. In CSIS timelines dating back to 2006, many of the recorded cyber incidents involve hacking and data theft from nation-states.
The intention of cyberterrorist groups is to cause mass chaos, disrupt critical infrastructure, support political activism or hacktivism, and inflict physical damage or even loss of life. Cyberterrorism actors use a variety of attack methods. These include but are not limited to the following:
Advanced persistent threat (APT) attacks use sophisticated and concentrated penetration methods to gain network access and stay there undetected for a period of time with the intention of stealing data. Typical targets for APT attacks are organizations with high-value information, such as national defense, manufacturing, and the financial industry.
Computer viruses, worms, and malware target information technology (IT) control systems and can affect utilities, transportation systems, power grids, critical infrastructure, and military systems, creating instability.
Denial-of-service (DoS) attacks are intended to prevent legitimate users from accessing targeted computer systems, devices, or other computer network resources and can be aimed at critical infrastructure and governments.
Hacking, or gaining unauthorized access, seeks to steal critical data from institutions, governments, and businesses.
Ransomware, a type of malware, holds data or information systems hostage until the victim pays the ransom.
Phishing attacks attempt to collect information through a target's email, using that information to access systems or steal the victim's identity.