Cyber-warfare has eliminated the distinction between war and peace says General Sir Nick Carter, the UK’s chief of defence staff, adding, "I feel I am now at war", with the country threatened daily.
He was reported by the Telegraph saying: "Russia is much more of a threat. Our opponents are using deniable tactics and capabilities against us. The changing character of warfare has exposed the distinctions that don’t exist any longer between peace and war."
Carter’s rallying call that the military must prepare for both "...the fight today and the fight tomorrow" echoed comments last month from the UK ministry of defence and how it was investing in offensive cyber-capability.
At the 2019 Defence and Security Equipment International in September, Defence Secretary The Rt Hon Ben Wallace MP noted how the UK defence budget of more than £41 billion in 2020/21 will, in addition to providing land, sea, air and space capabilities, enable the country to keep investing in offensive cyber and exceed its Nato commitments.
In an official statement he commented: "The nature of warfare is changing. In an Information Age the challenge is not just to prepare for contingency but to operate and engage constantly.
"That means we need to be able not just to repel threats from our online frontline but the ability to strike out. We need to gather, co-ordinate and exploit the information we receive across all the domains much more effectively.
"That’s why we’re initiating a major programme of change, managing our people differently, adjusting the way we run our operations and maintaining our long-standing association of working with GCHQ in this area so we can be more agile in tackling dangers and grasping opportunities."
The military perspective on cyber was also being addressed at a Nato level as Jens Stoltenberg, secretary general of Nato incorporated the virtual world, combining Nato Article 5 stating that an attack on any NATO member state would trigger a collective response from all, with a more recent decision to treat cyber-space, real space and any possible threats therein equally, saying: "Cyber-attack on one NATO state is an attack on all".
Consequently each NATO member state was being called upon to develop its capabilities in cyberspace. It was noted how hostile actors can now launch an attack in cyberspace that can be as effective as kinetic attacks, hence: a successful cyber-attack can inflict a whole range of consequences, starting with temporary interference in functioning of a given equipment or system, and ending with physical damage and harming people.
NATO confirmed it is now facing some. 5,000 cyber incidents of various levels of intensity a day, making cyberspace the main arena of hybrid threats.
In a press statement, Izabela Albrycht, chairperson of the board, the Kosciuszko Institute*, in Poland adds: "There should be absolutely no doubt that cyber-attacks constitute a major threat not only for civilians, civil equipment and infrastructure, but also for the military." She noted how in 2014, during a NATO summit in Wales, it was decided that international law also refers to cyber-space and that NATO member states must be ready to respond to cyber-threats just as effectively as to attacks launched with the use of conventional methods.
Proper mechanisms for sharing information between public and private sectors and academia can significantly improve defence in many ways including reducing the time devoted to R&D works says the The Kosciuszko Institute. In its pre-conference statements it praised France as an example of how such a successful partnership should look, by mobilising and co-ordinating all available resources – both public and private – so that the French cybersecurity solutions will gain a competitive edge, leading to measurable benefits for the private sector as well as the entire state.
A current example of cyber playing its part in warfare was the US cyber-response to Iranian military action against shipping in the Gulf. And now, following a kinetic attack on Saudi Arabia, which the US has said is sponsored by Iran, Iran’s oil minister has been advising the country's petroleum industry to be on alert to physical and cyber attacks. Dave Weinstein, CSO at Claroty commented: "This is more evidence of the disruptive clash between geopolitics and cyber-security. Iran's positioning is indicative of a growing awareness among nations that cyber-force is both an acceptable and effective means of responding to physical force. In this respect I expect more nations will turn to cyber as non-lethal instruments of national coercion - similar in nature to economic sanctions."
Another example are the recent reports of defence contractors Rheinmetall AG and Defence Construction Canada (DCC) being hit tby cyber-attacks that impacted and disrupted their information technology systems.
*The Kosciuszko Institute is a Polish think-tank and organiser of CYBERSEC 2019 which will be held on 29–30 October in Katowice, Poland.