14.1 Cyber Warfare and Information Conflicts

Cyber Warfare Tactics

Offensive Cyberattacks

Cyberattacks use digital tools to disrupt, damage, or gain unauthorized access to computer systems and networks. Unlike conventional military strikes, these operations can be launched remotely, often with plausible deniability, making them attractive to both state and non-state actors.

• State-sponsored hacking occurs when governments fund or directly conduct cyberattacks against other nations or organizations. Russia's hacking of Democratic National Committee servers during the 2016 U.S. presidential election is one of the most widely cited examples. These operations can target government agencies, defense contractors, or political organizations.
• Cyber espionage uses digital intrusion to steal sensitive information, intellectual property, or military secrets. China's sustained campaigns to exfiltrate U.S. military technology designs, including data related to the F-35 fighter jet program, illustrate how espionage has shifted from human intelligence to network penetration.
• Disinformation campaigns are coordinated efforts to spread false or misleading information through social media and other digital channels. The goal is to influence public opinion, deepen social divisions, or erode trust in institutions. Russia's Internet Research Agency, for instance, created thousands of fake social media accounts to amplify divisive content in multiple Western democracies.

Defensive Measures

Because cyberattacks can target everything from election systems to hospital networks, defense requires layered strategies across both technology and policy.

• Cybersecurity refers to the technologies, processes, and practices that protect systems and data from unauthorized access or damage. This includes firewalls, encryption, intrusion detection systems, and multi-factor authentication (e.g., requiring both a password and a fingerprint to log in).
• Critical infrastructure protection focuses on securing the systems a society depends on: power grids, water treatment facilities, transportation networks, and financial systems. A successful attack on any of these can cause widespread disruption. The 2021 Colonial Pipeline ransomware attack, which shut down fuel distribution across the U.S. East Coast, showed how vulnerable these systems can be.
• Cyber deterrence aims to discourage adversaries from launching attacks in the first place. U.S. Cyber Command's "defend forward" strategy, for example, involves proactively disrupting threat actors in their own networks before they can strike. Deterrence can also rely on the threat of retaliation or public attribution of attacks to impose diplomatic costs.
• Digital sovereignty describes a nation's effort to control its own digital infrastructure and data flows. China's "Great Firewall" and data localization laws are the most prominent example, restricting foreign platforms and requiring data on Chinese citizens to be stored domestically. Russia has pursued similar policies with its "sovereign internet" law.

The Broader Context

Two umbrella concepts help frame how these tactics fit into international conflict.

Cyber warfare is the use of digital attacks to achieve military or political objectives, typically as part of a broader geopolitical rivalry. The ongoing U.S.-Iran cyber conflict illustrates this well: the Stuxnet worm (widely attributed to the U.S. and Israel) destroyed Iranian nuclear centrifuges in 2010, and Iran has since retaliated with attacks on U.S. financial institutions and Saudi oil infrastructure. Cyber warfare blurs the line between wartime and peacetime because attacks can occur without any formal declaration of war, and attribution is often uncertain.

Information warfare is the broader strategic use of information and communication technologies to influence or manipulate an adversary's decision-making. It encompasses propaganda, disinformation, psychological operations, and cyber warfare itself. What makes information warfare particularly effective against democracies is that open societies depend on free information flows, and that openness creates vulnerabilities. Adversaries exploit social media algorithms, partisan divisions, and declining trust in traditional media to shape the information environment without ever firing a shot.