Cyberwarfare is now in the realm of nation states. Hacking tools are used to dismantle industries and cripple nations at their core. In recent years, hackers have initiated city-wide blackouts, shut down computer systems at nuclear power plants, and impaired government agencies worldwide. Cyberwarfare has cultivated a war of information, in which the enemy can shape military and political strategy as well as strip nations of agencies needed for normal function—all from behind computer screens.
On May 12, hackers conducted ransomware attacks using stolen NSA tool Eternal Blue, hitting more than a hundred countries worldwide. Nearly a month later, the same system was used in the Petya malware attack in Ukraine, infiltrating the monitoring system at a nuclear power plant and infecting dozens of state-owned ministries and enterprises including railway systems, banks, and airports. This year, the number of strikes have continued to rapidly increase. According to a report from the Computer Crime and Intellectual Property Section, the number of cyberattacks have increased 300% since 2015, jumping from 1,000 daily attacks in 2015 to more than 4,000 in 2016.
Cyberwarfare has become more evolved and undetectable, penetrating all spheres of influence. Political elections in Germany, the U.S. and France have been afflicted by cyberattacks. In a lesser-known attack in 2015, sensitive information that could be used to influence government elections was accessed from the German parliament. In 2016, the U.S. election was infiltrated by Russian hackers, despite former U.S. President Barack Obama’s dropping of “cyber bombs” to hinder Russian infrastructure. In May, cybercriminals attempted to influence the French presidential election by leaking emails from then presidential nominee Emmanuel Macron’s server.
Along with government agencies, businesses have taken a hard hit as well. In 2016, an estimated 3.2 million debit cards in Indian banks were breached. In 2014, more than 73 million bank accounts at JP Morgan Chase were exposed by Russian hackers. In addition to bank hacks, companies have also taken a hard hit. In 2014, more than 56 million bank accounts were hacked through Home Depot’s point of sale systems. Big enterprises are not the only systems being compromised: hackers have also hit small businesses. According to a report from Symantec, small businesses are hit with phishing campaigns 43% of the time.
Despite breeches accumulating, many companies are not taking steps to prevent future hacks by boosting funds for security. According to a study by Barkly, 52% of companies that suffered from major cyberattacks aren’t making changes to their security plan, with 45% of companies who suffered from attacks not increasing their security budget.
While industries put out shorthanded efforts, cybercriminals have innovated new tactics to break into some of the world’s most secure systems. The number of emails that combined malware and ransomware surged 789% from 2015 to 2016, according to a report from PhishMe. To access sensitive information in email strikes, hackers are now targeting specific individuals at companies rather than launching large scale attacks, making some breeches more and more imperceptible.
Although adapted security measures and increased funding in cybersecurity pose potential solutions to cyberattacks, the best weapon against cyberwarfare is cooperation.
In Office of the Director of Intelligence paper “Cyberwar, Netwar, and the Future of Cyberdefense” by Robert Brose, the author emphasized that the best defense is the sharing of information between allied nations on cyberattacks.
“Fortunately, the antidote to Netwar poison is active transparency, a function democracies excel in,”said Brose. “A United Front, as it were, of truth-seeking nations, soberly facing their opponents, willing to accept the airing of one’s own imperfection for the sake of improvement, and committed to the norm that there is an objective reality that matters, presents a formidable challenge to the information-machinations of undemocratic or authoritarian regimes.”
While nations conceal intelligence on cyberwarfare, the number of attacks have become overwhelmingly targeted at government entities. In April 2017, 20% of cyberattacks were targeted at military, and 40% of organization-based attacks hit political parties, according to data from Hackmageddon. As attacks are motivated by cyberwar, crime and espionage, the need for cybersecurity diplomacy is more necessary than ever.