In the 30-plus years since the end of the Cold War, cyber has emerged to become a valuable weapon for nation-states to invest in, unfortunately not always for the greater good. From 2017 to 2020, nation-state cyberattacks doubled, affecting enterprises, government bodies and regulators, and critical infrastructure was the top target of adversaries. Hacking groups are also increasingly partnering with governments to achieve common goals in cyberspace.
The sheer number of nation-state attacks in today’s sophisticated threat landscape, coupled with rising global tensions, raises the question: are we now in the age of the Digital Cold War?
In my opinion, yes.
It’s crucial for both public and private organizations to understand the threats the world will face in the coming years as nation-states and cybercriminals work in tandem to impose their will on other countries in this new age. Governments need to enact policies and strategies to mitigate those threats as best they can.
What the Digital Cold War means
Just like in the original Cold War, nation-states are now arming themselves in an attempt to undermine the status of the United States as a world power. Only this time, they are arming themselves with cyber capabilities that have the potential to cause major disruptions to U.S. networks and critical infrastructure. These tactics may include:
- Using stolen credentials to infiltrate networks.
- Dwelling in networks for months at a time, gathering sensitive data.
- Recruiting disgruntled employees to act as insider threats.
- Shutting down critical infrastructure until demands are met.
- Hacking and taking over drones or other unmanned aircraft systems.
Stronger defenses needed
Today, the U.S. stands significantly unprepared for the growing cyber threats that are mounting in response to global tensions. The country’s critical infrastructure has been allowed to deteriorate to such an extent that it has jeopardized our ability to prevent attacks before they occur.
Just take a look at the Colonial Pipeline ransomware attack from last year. Adversaries shut down the largest oil pipeline in the U.S. until the business handed over a $5 million ransom to the DarkSide cybercrime gang, an attack that’s possibly the tip of the iceberg as nation-states follow similar tactics.
So how has the U.S. become so susceptible to these breaches? A lot of the issues with current security frameworks boil down to legacy technology. Public sector networks are often incredibly difficult to protect because many of their security tools aren’t up to the standards necessary to act as a viable defense.
It's absolutely crucial to assess the state of both private and public cybersecurity technology stacks, especially for those in industries most likely targeted in the event of an attack. Chief among these are critical infrastructure sectors such as hospitals, energy, communication, and banking. By targeting these sectors, adversaries can significantly hinder the nation’s ability to function and provide for its citizens.
The U.S. military has also been increasingly targeted. China has been suspected of multiple breaches of U.S. defense and technology companies in the past, exfiltrating sensitive data that may very well help it deal further damage to U.S. defense networks and capabilities. As the U.S. military takes advantage of emerging technologies and weaponry, such as drones and UAVs, so, too, will it have to continue developing its cybersecurity systems to prevent information and assets from falling into the wrong hands.
The way forward
I promise, it’s not all doom and gloom. Cyberwarfare may seem like a daunting new era in international conflict, but it’s no different than the rise of nuclear power back in the age of the original Cold War. Enhanced cyber capabilities are being used for a lot of good, but there are also those that are exploiting them to harm their enemies.
Many countries around the world have acknowledged these threats and are working to shore up their defenses. One example is the executive order President Biden issued in May 2021 establishing increased government cybersecurity standards.
As the years pass and nation-states develop new technologies and methods to infiltrate networks, they will continue to utilize cyberwarfare both as a tactical weapon on its own and as a complement to gain the upper hand in a wider, physical war. This means countries will have to stay vigilant, employing the latest technologies to detect anomalous and malicious behavior and keep their information, infrastructure and, ultimately, their citizens safe.
Tyler Farrar, chief information security officer, Exabeam