In modern war, we have as much to fear from cyber weapons as kinetics

Tom Allen
clock • 3 min read
Cyber weapons are fast, cheap, remote and hard to trace

Cyber weapons are fast, cheap, remote and hard to trace

The physical world is past the point of no return when it comes to dependence on technology, says Ian Hill

In this hyper-connected world, cyberattacks that threaten the internet are a terrifying prospect. 

"The real world and the virtual world have become so interdependent," said Ian Hill, director of cyber security at BGL Insurance, speaking at the first day of Computing's Cybersecurity Festival last week. 

"Our physical world, certainly in the context of Western society, has pretty much got to the point of no return, where our dependency on technology - and technology's dependence on the internet - that the economy cannot exist without them. If anything happens to the internet, or some connected technology, we've got a real problem." 

Technology has always been pivotal in warfare, from the longbow to the atomic bomb. And with humanity's "innate propensity to turn anything that was developed for good into something for evil," the internet has become another battlefield - and more than that, a weapon. 

Hill described nation states building cyber weapons capability to support their kinetic capability, "because it's clear now that you'll need both." Concerningly, cyber weapons can overcome many of the disadvantages of traditional weaponry. They are fast, cheap and remote; only require a small force to launch; and are hard to trace. Cyber weapons innately have plausible deniability. 

But there is a bright side. Unlike kinetic weapons, which last for years and are to an extent reusable, cyber weapons are most effective when they are developed in secret to target a vulnerability. Once that flaw is fixed, they are no longer viable, and those fixes happen quickly once the weapon is launched. That means cyber weapons hold little capability to act as a deterrent. 

 It isn't all about specific weapons like malware, though; information warfare is much more insidious. 

A bodyguard of lies 

Decades ago, the Axis and the Allies used propaganda to sow discord among the enemy. That has stayed the same in modern warfare, but the speed of delivery today is far beyond what was possible in the 1940s. 

"Data-driven propaganda spreads at the speed of light and is targeted, making it a much more effective weapon to use as part of the cyber arsenal. 

"The internet and social media have facilitated the true weaponisation of information." 

Misinformation is now so prevalent that it's hard to know what to believe, and many countries are involved. 

"Everyone is involved in a sort of covert cyber cold war: America against China and Russia, China against America, China against Russia, North Korea against everybody. There is a sort of cyber cold war going on, and it's escalating." 

But even knowing the major players, attributing an attack is very hard, particularly as countries are now using criminal gangs (like Conti in Russia) as proxies. 

"We're starting to see larger attacks - often ransomware with the intent of making money - but lying behind them are nation states." 

An example was a ransomware attack against Royal BAM Group, Hill's former employer, in 2020. On the face of it this appeared to be just another demand for money; but there was physically no way to pay the ransom. Further investigation points to it being a state-sponsored attack by Russia, trying to disrupt the UK's ability to respond to the Covid-19 pandemic. BAM was helping to build the temporary Nightingale hospitals. 

Any cyber incident has the potential to be devastating, but modern attacks have real-world consequences beyond knocking a few percent off a share price. Targeting critical infrastructure like healthcare, transport and utilities has knock-on effects that can cripple an economy; and modern disinformation campaigns like those against Covid vaccines have cost lives. 

"Cyber assassinations are only a matter of time," Hill warned. 

There is some hope. Russia attempted what Hill called a "cyber blitzkrieg" against Ukraine earlier this year, attempting to destabilise the region in advance of its illegal invasion. In that situation, Russia's offensive was not particularly successful because Ukraine had expected and prepared for it since the invasion of Crimea in 2014: showcasing the importance and effectiveness of cyber counter-offensives.

You may also like
Police service faces £750k fine for data breach

Threats and Risks

ICO reduces PSNI fine from £5.6 million

clock 24 May 2024 • 2 min read
Microsoft Build 2024: Five things to know about Copilot+ PCs

Artificial Intelligence

“We’re going to have a big refresh moment,” says Microsoft VP Mark Linton

clock 22 May 2024 • 7 min read
IT Essentials: Sun, stress and security


Burnout is the scourge of UK cyber - don't let it ruin your holidays

clock 20 May 2024 • 3 min read

More on Security

Asian Tech Roundup: Pressure grows in US-China trade war

Asian Tech Roundup: Pressure grows in US-China trade war

Plus: Google 'accidentally' deletes pension fund's cloud account

Tom Allen
clock 17 May 2024 • 4 min read
Maritime security: 'Hacking a ship is just like hacking a Tesla but bigger'

Maritime security: 'Hacking a ship is just like hacking a Tesla but bigger'

Cyberattacks on shipping up 400-500% in five years, Lloyds List Intelligence

John Leonard
clock 16 May 2024 • 4 min read
Tories self-refer to ICO over data breach

Tories self-refer to ICO over data breach

Revealed hundreds of personal email addresses by forgetting to BCC

Tom Allen
clock 15 May 2024 • 2 min read