23-0306/
Blog
Electronic warfare is not a new concept, with countries using tactics like jamming an enemy’s communications, radars, and other systems going as far back as the previous century. However, it has evolved to encompass cyber warfare, making it a far more dangerous threat. Unlike traditional weapons, cyber weapons can move much faster and do not have the limitations of borders or distances, making public targets much easier to attack.
The use of cyberattacks to damage and disrupt the enemy’s digital capabilities is now a key strategic advantage, which is being actively used by combatants both off and on the battlefield. Using these attacks both help combatants in the field and also helps in disrupting and weakening the infrastructure of the enemy, making them more susceptible to attacks.
Nation states have also fully embraced this new trend and are actively using it for disruption, espionage, and even spreading their propaganda to influence media and public perception as we will see in this article.
What is electronic warfare?
The use of electromagnetic energy to manage the electromagnetic spectrum (EMS) in order to prevent an adversary from using it or to gain an advantage is known as electronic warfare (EW). All electromagnetic spectrum frequencies, from radio waves to gamma rays, make up the EMS.
Electronic assault (EA)
Electronic protection (EP)
Electronic support (ES)
are the three main tactics utilized in electronic warfare.
Using electromagnetic radiation to interfere with or impair an adversary’s electronic systems is known as an electronic attack (EA). Among these options is jamming, which is transmitting signals on the same frequency as the adversary’s radar or communications devices in order to block them or create errors.
The many faces of cyber-warfare
Cyber warfare is not static and has various attack methods which can be used to target an enemy.
Let us take a look at a few of the most popular trends within it:
Ransomware: Ransomware attacks are some of the most disruptive attacks globally, with cybercriminals encrypting data unless a payment is made. These attacks become even more dangerous in cyber warfare as usually there is no financial motive, and the intention is to cause as much damage as possible to the enemy’s ability to operate.
Zero-day attacks: In addition to ransomware, the cyber cells of nation-states can exploit zero-day attacks to inject malware into the enemy’s systems. These can be used for various reasons, ranging from sabotage to espionage.
Distributed Denial of Service (DDOS) attacks: DDOS attacks can be devastating in their ability to stop the operations of critical companies and governments. By targeting essential government functions and infrastructure such as the power and water grid, attackers can cause society to come grinding to a halt and public confidence in their leaders to suffer.
Supply chain attacks: Supply chains can be a dangerous blind spot in most cyber defense. Attackers can target governments and companies’ software or physical supply chains to inject malicious code that can be activated later. Or the entire supply chain can be disrupted to cause operations to stop.
These attacks are not a comprehensive list but just a few of the most common trends in cyber warfare.
The Russia-Ukraine conflict and electronic warfare
The Russia-Ukraine conflict is one of the most devastating events of recent times. In addition to the physical warfare, numerous agencies have reported that Russia has been waging a relentless cyber warfare campaign against Ukraine and its people. These attacks have been made in tandem with conventional warfare in a two-pronged attack aimed at destroying Ukraine’s physical and digital infrastructure.
Microsoft reported that Russia is using cyber warfare attacks that if focused on three fronts:
Cyber Attacks targeting critical infrastructure within Ukraine
Espionage operations to gain intelligence about Ukraine’s operations
Propaganda operations to sway the opinion of the Ukrainian people and make them lose confidence in their leadership
However, the attacks have not been restricted to just Ukraine and its infrastructure and have targeted other countries that have risen to support Ukraine and its people. Microsoft detected Russian efforts against 42 other countries, with the United States being the number one target and companies ranging from IT, critical infrastructure, and even humanitarian aid organizations being attacked.
The good news is that Ukraine has managed to fend off most of the attacks due to the rapid intelligence sharing facilitated in this crisis. By sharing threat indicators and other intel informing all relevant parties of upcoming Russian attacks, cyber defenses have been able to update themselves and withstand most ( if not all ) Russian cyberattacks.
Electronic warfare is here to stay.
Cyber warfare is the next evolution of Electronic warfare, which is very much here to stay. Attacks and techniques will only get more advanced with time, and governments and companies must update themselves to ensure they are protected:
A few of the critical technical and non-technical measures that can be taken are listed below:
Governments should disperse their key digital assets and not centralize them where a physical or digital attack can take them out. Taking advantage of technologies like the public cloud enables governments to host their assets in multiple data centers and not have a single point of failure.
Ensure that technical best practices like strong passwords, multi-factor authentication, patching, firewalls, anti-malware, security scanning, etc are all implemented. Combined, they can form a robust security layer against cyber warfare. It is especially critical to ensure that systems and applications remain patched so they are able to withstand malware and other attacks.
A comprehensive backup strategy should be implemented to cover key data in case of a physical or cyber attack. It is especially critical to ensure there is an air gap between backup copies so that attacks like ransomware cannot infect all copies of a backup
Periodic assessments and red teaming exercises must be carried out to identify weak pots before they can be exploited in wartime. Information shared via threat intelligence feeds should immediately be incorporated and used in these tests so that they remain relevant
Employee training is crucial at times of cyber warfare. Usually, employees and the general public are targeted by cyber attacks to gain an initial foothold. Along with regular security training of employees, the general public should also be educated against mis-information. It was identified that Russia itself has focused on the targets listed below:
The general Ukrainian public to undermine their confidence in the current leadership
The population of countries supporting Ukraine so that criticism of Russian attacks can be deflected and distorted
These are just a few steps governments and companies can take worldwide to protect themselves in the new and dangerous world we find ourselves in. Cyber warfare is here to stay and will only become more dangerous as time goes on. As we move more and more towards a digital battlefield, companies and governments that are not ready will find themselves at serious risk in the new digital warzone.Combatants are actively using cyberattacks to harm and impair the enemy’s digital capabilities as a crucial strategic advantage both on and off the battlefield.