The era of digital conflict
Cyberwar is rewriting the playbook for how countries fight each other and why we’re all in the crosshairs
While recent headlines and news stories are focused on growing tensions between the U.S. and North Korea, a much more insidious threat has been steadily growing and has the potential to cause as much or more havoc for the global community as traditional war.
The world has entered a dangerous, complicated and new phase of warfare that can cause billions of dollars of damage and endanger lives.
The United States, Canada, and our allies around the world are struggling to adapt to this new digital threat, which can be wielded not only by other countries but also by smaller groups such as terrorists and other criminals.
What is cyberwar?
Cyberwar is the use of technology to cause social, economic or even physical damage to a targeted country. It can range from propaganda or fake news campaigns, which we witnessed in the U.S. and French elections, to the theft of national secrets or intellectual property. Canada experienced this in the form of sophisticated Chinese attacks in 2014.
It can even escalate to the crippling of banks, telecommunications providers and media outlets, experienced by South Korea in 2013.
In its most brutal stage, a cyberwar could result in the crippling of power plants, airports, transit and thousands of businesses as the Ukraine experienced in December 2015 and 2016 and this past June and July.
A full cyberwar would look a lot like what happened in Atlantic Canada last week but worse, because it would likely also lead to crippled power utilities, hospitals, transportation systems, retail outlets and more. And it would last a lot longer than four hours.
- Russian security services involved in recent cyberattack, says Ukraine
- Cyberattack: Was it really ransomware, or an attack on Ukraine — or something yet to come?
How did we get here?
The first major move toward cyberwar was made by the U.S. and Israel against Iran and targeted its nuclear program, specifically the special centrifuges that are needed to make the raw materials for nuclear weapons. That cyber weapon was called Stuxnet. It was built around 2005 and became public knowledge in 2010. It was the first major cyber weapon.
It hasn't been the last, not by a long shot.
After that U.S.-Israeli attack, the Iranians retaliated against U.S. ally Saudi Arabia and launched an attack in 2012 that partially or fully destroyed 35,000 computers in its oil company, Saudi Armaco.
According to a report by CNN, it was the most devastating cyber attack the world had ever experienced, until the recent attack on the Ukraine in June.
The attack was so severe, the Saudis' IT staff ran into their global data centres and were pulling cables out of the backs of servers and cutting off internet access to the entire company to try to contain it. The attack never hit the drilling or pumping rigs, but the entire business side of the company was devastated.
The damage was so bad the company chartered a private cargo plane, flew to Southeast Asia and bought every single hard drive available for sale from factories at the time and bumped ahead of every other company in the world in order to get their business back up and running.
In 2013, North Korea successfully hacked a major South Korean anti-virus company and used its software updates to hit banks, TV stations, telecommunications and more using malicious software similar to that used in the attack on Saudi Arabia.
It was the same malicious software they would later use in November 2014 to cripple Sony Pictures in revenge for the production of the movie The Interview.
Cyberwar vs. traditional conflict
The first difference between cyberwar and traditional warfare is the difficulty in knowing who exactly attacked you.
Unlike a traditional military conflict, correctly attributing an attack back to its original source is incredibly difficult. Sophisticated countries often hack third-party victims, such as universities or small or medium-size businesses that don't have robust cybersecurity.
They then use those businesses to attack their real targets, whether they be critical utilities, other governments' resources or important businesses and industries.
The second difference is it can be difficult to know when you're under attack — often the impacts can only be felt years after the attack.
For example, the theft of billions of dollars in Canadian intellectual property from our top research and development centre wasn't truly felt in 2014, or even in the years after when the government spent hundreds of millions of dollars to clean up after the attack.
The reality is the impact will be felt over the decades as lost Canadian economic growth, jobs and businesses add up.
Cyberwar, in its most subtle form, acts more like a disease in the body than a trauma such as a gunshot wound. You don't even know you've experienced it until it's likely too late.
Why is cyberwar more dangerous?
Cyberwar is incredibly dangerous because, as we saw when Russia attacked the Ukraine in June, an attack originally aimed at one country may inadvertently spread to others because of our global economy.
Firms such as the shipping giant Maersk, pharmaceutical company Merck, FedEx and more are all reporting massive financial losses because of that attack. When these digital conflicts are potentially delaying the shipment of vital goods or the production of life-enhancing or life-saving drugs, things start to get real.
At least with nuclear weapons we had concepts around mutual assured destruction that acted as a deterrent for belligerent countries.
To date, estimates on the financial impact of the Ukraine attack just on a handful of companies have already exceeded $500 million.
Cyberwar is also dangerous because, unlike traditional conflict, where we have norms and rules about how countries can and can't respond to attacks, there are no global agreed upon conventions or rules.
What frightens me the most is at least with nuclear weapons we had concepts around mutual assured destruction that acted as a deterrent for belligerent countries.
But with cyberwar, a country like North Korea - which has some of the world's best offensive cyber capabilities - may decide to roll the dice on a massive attack and hope it doesn't get caught. Worse, they could try and make it look like another country did it and start a conflict between its victim and an innocent nation.
Cyberwar is also frightening because traditional military leaders don't know how to respond to it. We've seen some pretty concerning rhetoric even NATO this summer about how they may treat a cyber attack just as they would a real attack against a member country, and may chose not to respond in kind with another cyber attack, but with traditional military force.
Last week the U.S. Army vowed to take any malware sent at it and send it back at the original destination.
What's happening in Canada?
This is where New Brunswick's connection to cyberwar is growing. In June there was a major announcement that as part of Canada's new defence plans, the University of New Brunswick will be working with CFB Gagetown to develop new tools to detect and fight against cyber threats. They will also develop new training to help a brand new type of soldier, called a cyber operator, which will now be part of the Canadian Forces.
While I think we absolutely need to invest in defensive and offensive cyber capabilities in the Canadian Forces, I think there is a unique opportunity for Canada to play a role in advocating for a new Geneva Convention regarding cyber conflict, one that would put attacking civilian infrastructure such as hospitals, power utilities, banking and more as a taboo and to push for global dialogue on the impact of cyber warfare before things get out of hand.
It was Canadian innovation that helped prevent the outbreak of a third World War by pioneering peacekeeping and defusing conflicts that threatened to drag the West and the Soviet Union from a Cold War to a Hot War. Perhaps we can also think of ways to avoid a cyber world war.