While the United States has endured as a world leader in traditional warfare for well over a century, the global battlefield today has shifted decisively in the digital realm. With countries like Russia, Iran, and even North Korea showing signs of extremely sophisticated digital maneuvers capable of infiltrating other countries’ databases, influencing foreign elections, and even altering physical systems such as hard drives and power grids, large-scale digital are already occurring in real-time.
Russia’s meddling in the 2016 U.S. presidential elections has been one of the most recent and enduring examples of how foreign actors can use cyber attacks to influence even the largest political landscapes, with U.S. intelligence officials directly citing President Vladimir Putin and Russian intelligence services as having hacked the Democratic National Committee in order to leak the emails responsible for harming Hillary Clinton’s electability. Similarly, Russia’s attempt at socially engineering American voters to favor Donald Trump through the buying and promoting of politically-motivated ads on social media—which were estimated to have reached as many as 126 million Americans on Facebook, as well as countless others on platforms like Twitter and YouTube—has brought social media companies under intense scrutiny. While discussions around how to prevent these sort of large-scale digital attacks are being brought to the forefront of political and social decision-making, little has been done to successfully prevent further forms of infiltration.
In addition to foreign actors’ ability to sway political opinion through the use of digital platforms, sophisticated algorithms are also being created that possess the ability to physically alter the world we live in. One of the most alarming examples of this type of hacking is an algorithm known as Stuxnet, a sophisticated computer worm first discovered in 2010 that was created to exploit Windows computers’ zero-day vulnerabilities in order to spread itself rapidly throughout computer systems and target centrifuges used to produce uranium—a computer bug that, if successful, has the ability to shut down or adversely affect nuclear weapons and reactors. Similarly, last year’s WannaCry ransomware worm saw to it that those with infected Windows computers—which included high-level organizations such as Great Britain’s National Health Service—would find important files on their PC’s hard drive encrypted, with a message demanding $300 in Bitcoin to decrypt the files. With the ability of hackers to infiltrate the real world through the digital realm becoming all too common, it is only a matter of time before bigger systems like power grids and communication systems become vulnerable and all-too-accessible in times of conflict.
Because of the speed at which technology enables cyber bugs such as Stuxnet and WannaCry to evolve, it can be extremely difficult for policy makers and government officials to keep up with the ever-changing nature of digital warfare. The first step towards defending against any potential digital threats may be in the hands of organizations and individuals themselves. With nearly every person in the world connected to the Internet in some form, it is crucial that individuals become more familiar with the different forms of cyber attacks and the tools already available to them to defend against such attacks. Two-factor authentication, for example, can be used to help secure personal email accounts against phishing—and while many email hosting services have put such safeguards in place, many of their users have opted out from this important feature. It is vital that something akin to a shared lexicon, for example, be created to assist individuals in understanding difficult technological terms associated with digital security, as well as a more general understanding of the true importance of security in the digital age.
Similarly at the organizational level, simple tasks such as securing one’s hardware with a complicated password, encrypting and backing up data on a regular basis, and investing in cyber security insurance are basic necessities to securing one’s data against cyber threats. More importantly, the creation of a security-focused workplace culture through the education of staff on the dangers of using unsecured networks, unsecured websites and password sharing can help both companies and the individuals who work for them better secure company-related and personal data. Ultimately, until more attention is paid on these sorts of basic safeguards, sensitive user and company data—as well as government data—will remain vulnerable to cyber attacks and foreign actors will continue to pose a real threat in the digital landscape.
As countries continue to experience conflict on the ground, cyber attacks and other forms of digital warfare have ultimately created a much more ambiguous worldwide landscape and disrupted the traditional balance of power between nation-states. With technology continuing to advance at an unprecedented rate, the complicated nature of conflict between countries and other actors only stands to become more convoluted. However, by focusing more on understanding the many shapes and sizes cyber threats come in as well as how to better defend against such threats, individuals can better prepare themselves for any potential dangers they may experience online or in the workplace. As the government and other top-level organizations continue to come up with solutions that can safeguard against bigger digital attacks, citizens can rest assured that in times of war, the digital front will remain secure from foreign influencers.
About the author: Ana C. Rold is Founder and CEO of Diplomatic Courier, a Global Affairs Media Network. She teaches political science courses at Northeastern University and is the Host of The World in 2050–A Forum About Our Future. To engage with her on this article follow her on Twitter @ACRold.