Over the last few years there has been a massive increase in the number of breaches occurring globally, every time we look at the news another high profile company has been breached and customer data leaked all over the internet or for sale on the dark web. This is sadly our new normal, which is a little concerning but never the less true. However, I believe there is a misunderstanding by many that all of these high-profile breaches are committed by cyber criminals, many of these attacks are actually carried out by specialist state sponsored hacking groups. It is their sole responsibility to attack foreign countries to collect information that will benefit their own government.
War is no longer waged with troops but with the swift execution of a cyber-attack that could bring down a whole country in just hours without even setting off any bombs, firing any guns or stepping foot in your enemy’s country. Yes, there will probably still be soldiers invading a country once the initial attacks are completed or maybe they will just leave the country to tear itself apart. Seems like a safe way for a country to take out an enemy doesn’t it?
If a country such as North Korea wanted to take out say China (Which they wouldn’t because that is where they get most of their supplies from – but you will see where I am going with this in a minute) being that they are a smaller country and would not have as much military firepower it would be a massive mistake for North Korea to attack China in the traditional sense with soldiers and missiles (you get it) they would certainly sustain many losses.
North Korea, however, has a state-sponsored hacking group generally known as APT38, this group is believed to be used for both building up the countries financial reserves (for which they are pretty successful at doing) and for attacking the enemies of their leader and country. If North Korea truly wanted to attack China and truly have a chance to win, they would need to use the strongest weapon they have that could inflict the most damage in the fastest possible period. Attack with all the force and abilities of APT38, take down the banking systems, shut down the power grids, and interrupt all of their communication networks. Kill their way of life, no money, no food, and no communications. It would not take long before society would start to implode and people starting to riot or pillage to survive (it would get ugly pretty quickly I think).
NK would just have to sit back and wait for this to happen and when everything was on the brink of complete collapse, come in with all their military strength and bring order back to the chaos. War one with minimal cost and damage to their own forces. Seems like a smart option for me. I know what you are thinking this couldn’t happen China would be too strong and they would have all of these systems well protected. Yes, they would have all these systems well protected and they probably have a strong cyber defence capability but have you seen the news anytime over the last year? Many companies and government organisations all over the world have what they think is a well-protected system but every system has a vulnerability you just need to find it.
Therefore, they get their hacker army to find these weaknesses, plan a simultaneous attack and initiate them all at once. What systems they did not bring down would probably collapse under the load if they were able to take out enough of them. This sounds very plausible to me, and in some form, we are already seeing attacks of cyber warfare with one just before Christmas (2018) in which China (Allegedly) targeted International MSP’s in order to gain access to their customer's systems and data. It was a successful attack, which until then had not really seen in such a large scale but this proves my point that a large scale synchronised attack could be very successful. I actually wrote an article warning of this back in July 2018 and it would seem that it has come to be.
What about as the IoT and smart everything invades every aspect of our lives, they could start there attack via infecting all of these devices in which have little if any security functionality and spread like wildfire through our entire lives. Yes governments have probably been thinking about this for years and I am sure they have capabilities in place that would amaze me (Or at least I hope they do) but this type of attack will most likely target the private sector not the government or military systems (at least not initially) but are we prepared to defend our systems form such a disciplined and well-skilled enemy?
I am not sure we are. We can barely protect ourselves from cyber-criminal groups who just want to steal our money so how can we say we are ready to defend ourselves from true cyber warfare if it came at us with full force. I think we would lose in a spectacular ball of fire (just to be dramatic) and it is scary to think about as if we took down all of our electronic systems many wouldn’t know how to survive, how to keep our families safe and warm or even feed them.
We need to work together more, know what is on our networks and at least cover all of the basics so that we can be as protected as possible. That way we might just have a chance to defend ourselves from such an attack as sadly I think it is truly just a matter of time before it actually occurs and I hope that Australia is not its target, as I know we are not ready for it.
As always, tell me what you think, you don’t have to agree with me but let’s start a conversation about this and start to make a change for the better.