Future Battlefield: Cybersecurity and Artificial Intelligence in National Security Policy

June 30, 2024

As defense technology advances, nations become increasingly reliant on digital infrastructure, making them vulnerable to cyber threats. The technological advancements in modern warfare techniques have compelled the world powers to develop a strong policy to address these challenges and enhance the overall security posture.

Cybersecurity has become an integral part of any national security policy. The year 2023 witnessed substantial progress on this particular front as several of the world’s leading powers, including the U.S., the UK, and NATO, brought forward their respective cybersecurity policies to eliminate threats posed by modern technologies including artificial intelligence (AI).

The advancements in AI and related technologies will completely transform the approach to national defense and war-fighting strategies. Those who fail to induce this perspective into modern security strategy would succumb to a quick death on the future battlefields.

By the end of the year 2023, it became evident that cyberattacks are as effective of a tool to get leverage in conflict as any other modern. It can be used as a deterrence and offense. In November 2023, the United Kingdom hosted an AI safety summit which several world and industry leaders, including representatives from China, attended. The summit gave the world’s first-ever AI agreement, signed by the leaders and representatives of 28 different countries.

According to the UK government, the declaration affirms that whilst safety must be considered across the AI lifecycle, actors developing frontier AI capabilities, in particular those AI systems that are unusually powerful and potentially harmful, have a particularly strong responsibility to ensure the safety of these AI systems, including through systems for safety testing, through evaluations, and by other appropriate measures.

Around the same time, the United States also devised its own set of rules and regulations to ensure the safe and trustworthy development of AI. An executive order from U.S. President Joe Biden in October 2023, stressed the urgency of devising governing legislation for the development and use of AI safely and responsibly.


Role of Cyber in Modern Conflicts

The use of the term cyberwarfare or cyberattacks has become more frequent in the security-related literature of the modern defense doctrine. Russia’s territorial invasion of Ukraine in February 2022 was accompanied by significant cyberattacks marking the first modern conflict that was fought simultaneously in the cyber realms as it was fought on the ground.

Similar instances of cyber warfare have been observed in conflicts involving states such as Russia and Georgia, Israel and Iran, as well as ongoing cyberattacks by Russia against Ukraine since 2014. According to a European Union report, the Switzerland-based Cyberpeace Institute recorded more than 1,998 cyberattacks and operations conducted by 98 distinct actors only in the first quarter of 2023.

These attacks have targeted 23 different critical infrastructure sectors, impacting not only Ukraine and the Russian Federation but also 49 other countries. The documentation of these incidents contributes to a comprehensive analysis of the use of cyber means in times of war.


Types of Cyberattacks Against Ukraine

Based on the attacks conducted on Ukrainian telecommunication and administrative infrastructure, cyberattack operations can be categorized into the following types.

- Destructive Attacks: These cyberattacks are characterized by their intent to permanently delete data or inflict irreparable damage on systems, rendering them unrecoverable. The consequential impact on organizations can be prolonged, particularly if backup retrieval or system reset proves challenging. Notable instances include the utilization of wiper malware targeting Ukrainian government entities and various sectors. A recent incident involved the resurgence of a destructive wiper malware named ‘CaddyWiper,’ identified by Ukraine’s Computer Emergency Response Team (CERT-UA). In January 2023, Ukraine reported the CaddyWiper attack on its national news agency Ukrinform. Other data-wiping malware deployed against Ukrainian targets include ZeroWipe, DoubleZero, HermeticWiper, WhisperKill, WhisperGate, IsaacWiper, and AcidRain, according to security researchers.

- Disruptive Attacks: Cyberattacks designed to disrupt services and operations have been prevalent during the conflict. These attacks targeted Ukrainian organizations in the early stages of the invasion, Russian organizations following a Ukrainian government appeal to civilians, and public institutions in some NATO member countries after security or economic announcements. Distributed Denial of Service (DDoS) attacks, particularly impacting the public and financial sectors, have been predominant. DDoS attacks accounted for more than 99% of all recorded cyberattacks against Ukraine between July and September 2023, according to the CyberPeace Institute.5 Financial, public administration, and information and communication technology (ICT) sectors were the primary targets A concerning trend is the targeting of vulnerable Ukrainian non-profit organizations, which often lack preparedness and resilience measures.

- Data Weaponization: This category includes cyberattacks leading to data theft or exfiltration, primarily for espionage, surveillance, or intelligence purposes. While the latter activities are expected in the context of war and geopolitics, collective actors engaged in the theft of data for activist purposes have been notably active. Data, about both private and public organizations, is exfiltrated and published online at an unprecedented rate. Hack and leak operations involve the weaponization of data, exemplified by a recent incident in March 2023 targeting EU countries. A state-sponsored Russian threat actor used spear-phishing emails containing information about the Polish Ambassador’s visit to the United States. This campaign mimicked real information exchange systems used by EU nations, employing malware to infiltrate networks and collect data.

- Disinformation: Information operations centered on disinformation and propaganda, although not new, have gained unprecedented speed and scale in the cyber domain. Cyberattacks focused on spreading false information and propaganda are prominent in this armed conflict. Threat actors aim to influence the information space, restricting access to timely, reliable, and official information for the population, or intentionally sowing confusion and undermining information integrity.


To Continue Reading, Download Full Report...

---

---

---