The hacking-cyberwar continuum, Part I

97% of all organizations have been the victims of hacking from cyber criminals

In my last blog, I stated that over 90% of organizations have no protection against the kind of targeted attacks experienced by Sony in recent months. In fact, over 97% of all organizations have been the victims of hacking from cyber criminals and other actors, some of them directed by foreign governments.

A recent study by Symantec Norton Security found that financial losses associated with Cybercrime are at $390 billion a year, at the same level as the illegal drug trade.

Some necessary distinctions

There is a Hacking-Cyberwar Continuum comprised of varied, generally overlapping activities perpetrated by actors having distinctly different motives. At a macro level, entire nation states and regional entities are possible targets of a kind of hacking that escalates into cyberwar, potentially inflicting damage, including mass casualties, that could even exceed that of conventional war. Consider, for example, how a months-long power grid failure triggered by a cyber attack would cut off food and water supplies, etc. Even without significant damage to infrastructure, cyberwar could have a devastating impact on the level of trust required in open, democratic societies.

Very concerning is the fact that “the costs for non-state entities (of launching attacks) in cyberspace compared to land, sea, and air, are nil (because) in cyberspace, every computer is a point on a border.” (Nye, 2011). Fortunately, to date, there have been no known incidents of Cyberterrorism in which individuals have experienced actual physical harm.

To help clarify the mind-numbing complexity of these related threats, Internet security gurus have proposed some definitions:
  • No Major Cyberwar has yet occurred. If/when it does happen, the most likely cyberwar scenario would be the initiation of a series of cyber attacks against a foreign state as a precursor/accompaniment to actual conventional military action. This is how the Russian-Georgian War of 2008 played out.
  • However, nation state sponsored Cyber Espionage has been going on for years, most notably the ongoing, long-standing Chinese cyber theft of U.S. private and public intellectual property.
  • Because of ongoing cyber espionage and the ever-present threat of cyberwar, we have entered into an era of Cyber Cold War in which nations are continually building up both defensive and offensive cyber systems.
  • At least one incident of Cybersabotage has occurred. By far the most significant publicized cyber attack thus far was the 2010 U.S.-Israeli Stuxnet worm attack that reportedly destroyed one fifth of Iran’s nuclear centrifuges, setting back that country’s nuclear program by months, perhaps years.
  • What some have called Cyberterrorism is probably better described as Cybervandalism, e.g., the Syrian Electronic Army’s hijacking of Twitter accounts or the Izz ad-Din Qassam Cyber Brigades’ denial of service attacks on American bank websites. Such attacks hold little chance of physically injuring anyone.
  • Finally, Hacktivism is carried out by individuals and/or small networks of hackers motivated by social and political reform. It underscores the power that ordinary individuals have for good or bad, depending on your perspective. Examples are the events surrounding the WikiLeaks controversy and the use of social media in the Arab Spring. All such activities are the work of

In my next blog, I’ll present arguments pro and con from experts about the likelihood of Cyberwar and exponentially more damaging Cybersabotage in the future.
