The Cyber Cold War

Published in SIA NYUAD, May 10, 2019

by Máté Hekfusz

There is a new cold war going on. It is very similar to the old one: it started without much fanfare, and it is currently simmering under the public eye, only emerging in the form of high-profile incidents. It involves an emerging arms race and even has the same players. But the world has changed, and the weapons must change too: instead of bullets and bombs, this new cold war is fought with lines of code.

The world today is much smaller than it was in the 20th century. Individuals and countries alike are interconnected with thousands of threads of technology. The Internet is the largest and most influential of these threads: usage statistics say that 4.3 billion people — more than half the Earth’s population — are connected to it in 2019. The online world is thus humanity’s greatest common space, where billions of systems exchange petabytes of data every day. Most of these systems rely on software to function and to interact with the Internet. But not all software is beneficial, or even built for legitimate use: some of it can be used to steal data, siphon computer resources or outright destroy systems. Collectively, this type of software is known as malicious software — malware, for short.

Malware takes as many forms as legitimate software. Some types are named, aptly, after disease carriers (viruses and worms), others after historical concepts (trojans), and yet others are distinct enough to deserve entirely new names (rootkits, ransomware, and many more). As the Internet grew in scale and complexity over the decades to become the all-encompassing presence in our lives today, so did malware. Its humble beginnings were in the 1980s with programmers trying to highlight early system flaws, but it has since become capable of terrifying feats: whether it is ‘zombifying’ millions of computers into one powerful network to be used for illicit purposes or locking down billions of dollars’ worth of data while demanding ransom money, malware today can cause enormous damage.

It was only a matter of time before nation-states took notice. They recognized the potential of malware to be weaponized and have started adopting it as a cyberweapon. The two biggest countries leading the charge, just like in the previous cold war, are the United States and Russia, with both their names tied to already-infamous cyberweapons. Today’s world is multipolar, however, and beyond the two former rivals, many other nations are joining the fray: China, the UK, Iran, and even North Korea are among those also gearing up, making and collecting pieces of malware to be used when the time comes. Their hope is that they can attack and cause major damage to their enemies without ever setting foot in their territory or even entering its airspace. That is cyberwarfare.

Cyberattacks major enough to be considered ‘warfare’ have been rare so far. Two of the most infamous instances, as mentioned above, belong to the two frontrunners: the US and Russia. The US created Stuxnet, an extremely sophisticated piece of malware designed to infiltrate and decimate Iran’s nuclear program. Hailed as the “world’s first digital weapon”, when it was discovered in 2010, it managed to damage a thousand of Iran’s nuclear centrifuges and delay their enrichment program. Despite the US never officially confirming its involvement with the malware, the genie was out of the bottle, and the cyber cold war began. A couple of years later, Russia also showed what it was capable of: it unleashed a groundbreaking cyberweapon on Ukraine with Industroyer, which was specifically designed to attack and disable power grids. In 2016, it plunged Kiev into darkness for an hour and was shown to be capable of infecting other critical infrastructure systems.

These attacks show that malware can affect the physical world and has the potential to cause real harm to people. One only needs to imagine the damage an unexpected power outage, lasting hours, or a malfunctioning nuclear facility can inflict. After all, one of the biggest strengths of cyber weapons is the lack of awareness about them. Critical infrastructure systems are rarely designed with security in mind, as they were never planned to be connected to the Internet. They are often equipped with outdated software, but even well-maintained devices can be compromised with zero-days — flaws in the system that no one but the attacker knows about. As a rule of thumb, anything that is connected to the Internet can be hacked and infected: voting machines, banks, hospitals, and other infrastructure critical to our daily lives.

In recent years, multinational groups like NATO and the EU have started recognizing the threat of cyber-warfare. NATO has recognized the Internet as a potential area of conflict, while the EU has started preparing its leaders to respond to a large-scale cyberattack. These are signs of progress, but the question remains: will governments manage to keep pace with the rapid advance of technology? The Internet is still expanding: ‘smart’ technology has reached home appliances, and one can put together entire smart homes in which every device can be controlled remotely through voice commands. Some are looking even further, however: ‘smart cities’ are planned, where everything from trash cans to traffic lights is part of one massive Internet-of-Things (IoT). Recalling the earlier maxim that everything that is connected can be hacked, one can see that if everything is connected, then hacking and malware become a huge threat to people’s everyday lives.

It would be alarmist to say that malware will inevitably cause the next great conflict. Cyberweapons are expensive, and large-scale cyberattacks have so far been few. But that is just another way in which the cyber cold war is reminiscent of the old one: it goes largely under the public radar until the next notable incident. There is little hope of reversing this trend: as the world keeps getting smaller and more connected, nation-states will no doubt continue to use malware as part of their arsenal. If that is true, the best we can do is to keep this war as it is: cold.
