THE HYDRA
A new generation of hybrid warfare is evolving with cyber as its principal weapon.
By Synergia Research Team
Hybrid warfare represents a sophisticated and evolving conflict mode that combines traditional military tactics with unconventional methods. This approach has become increasingly relevant in the contemporary geopolitical landscape, where nations leverage advanced technologies to achieve strategic objectives without engaging in traditional military confrontations.
The term "hybrid warfare" gained prominence in the context of conflicts involving Russia, particularly during the annexation of Crimea in 2014. In this scenario, Russia employed a blend of military manoeuvres, propaganda, and cyber operations to achieve its strategic goals without triggering a full-scale war.
A Multi-Faceted Threat
Hybrid warfare is a multi-dimensional strategy that integrates various forms of warfare, including conventional military force, irregular tactics, cyber operations, and information warfare. This approach allows both state and non-state actors to exploit vulnerabilities in their adversaries while maintaining plausible deniability.
While both hybrid warfare and traditional cyber-attacks involve cyber capabilities, they differ in several key aspects; hybrid warfare employs a combination of conventional military tactics, irregular warfare, cyber operations, and information warfare to achieve strategic objectives. The goal is to weaken an adversary without engaging in direct military confrontation. In contrast, traditional cyber-attacks are typically more narrowly focused on disrupting or damaging specific systems or networks, often for criminal purposes.Such cyber-attacks are more likely to be conducted by individual hackers or small groups without direct state backing.While still potentially damaging, traditional cyber-attacks are usually less complex and coordinated.
Hybrid attacks blur the lines between peace and war, as cyber-attacks and other non-kinetic actions can inflict significant damage without crossing the threshold of open conflict. This creates legal and operational dilemmas for targeted nations.
Key Characteristics of Hybrid Warfare are as follows: –
Multi-Domain Operations
: Hybrid warfare involves a broad spectrum of tactics across various domains, including land, sea, air, and cyberspace. This multi-domain approach provides flexibility in responding to adversaries and enables attacks on their most vulnerable points.
Use of Non-State Actors
: Hybrid warfare often involves the use of non-state actors, such as militias or cybercriminal groups, which complicates the process of attribution and
accountability. This strategy allows state actors to distance themselves from aggressive actions while reaping benefits.
Psychological Operations
: Information warfare is a crucial element of hybrid strategies. Disinformation campaigns and propaganda are employed to manipulate public perception, sow discord, and undermine trust in institutions.
Economic Manipulation
: Economic tools, including sanctions and
cyber-attacks
on critical infrastructure, weaken an opponent's economic stability and social cohesion.
Cyber Attacks
.
Cyber-attacks in hybrid warfare tend to be highly sophisticated, well-coordinated, and conducted on a large scale. They are often precursors to or accompany conventional military actions.
The Heart of Hybrid Warfare: Cyber
Cyber-attacks are a central component of hybrid warfare, offering a means to disrupt, damage, or manipulate an adversary's critical systems without physical confrontation. These attacks can target a wide array of sectors, including:
Critical Infrastructure
:
Cyber-attacks
on power grids, water supply systems, and transportation networks can cause widespread disruption and panic. A notable example is the 2021 Colonial Pipeline ransomware attack in the United States, which underscored the vulnerability of critical infrastructure to cyber threats.
Financial Systems
:
Cyber-attacks
on financial institutions can destabilise economies and erode public confidence in financial systems. Cybercriminals often exploit vulnerabilities to execute ransomware attacks, demanding payment to restore access to essential systems.
Information Systems
: Cyber operations can be used to steal sensitive information, conduct espionage, and manipulate data to influence public opinion or political outcomes. For instance, using social media to spread disinformation during elections has become common in modern hybrid warfare.
A Financial Armageddon
In hybrid warfare, cyberattacks paralyse financial systems. This is achieved through exploiting vulnerabilities in critical infrastructure, eroding trust, and creating systemic risks that threaten global financial stability. A prime example of such disruption is attacks on payment processors or banking systems, where the ability to process payments or access funds can be severely compromised. A recent incident involving a cyberattack on a technology service provider demonstrated the financial system's interconnectedness; multiple banks could not send payments, illustrating how one attack can have cascading effects across the entire sector.
The consequences of cyberattacks extend far beyond immediate operational disruptions. These attacks can severely undermine public trust in financial institutions, crucial for the stability of any financial system. When consumers lose confidence in their banks, it can lead to bank runs, capital flight, and a broader market panic. In this context, the psychological impact of cyber warfare can be as damaging as the physical disruptions caused by the attacks themselves.
State actors may conduct cyber operations intending to weaken an adversary's economy, disrupt trade, or undermine financial stability. For instance, attacks on stock exchanges or financial markets can induce significant market volatility, leading to substantial financial losses and diminished investor confidence. Such attacks can have far-reaching effects on economic growth and stability, making them a potent weapon in hybrid warfare strategies.
Moreover, cyberattacks frequently involve the theft or manipulation of sensitive financial data. By compromising financial institutions, attackers can access confidential information, which can then be exploited for fraud, insider trading, or other illicit activities. The manipulation of financial data can distort market perceptions and lead to erroneous investment decisions, further destabilising the financial systems.
The financial sector's digital transformation, while offering numerous benefits, has also increased its vulnerability to cyber threats. As banks and financial services increasingly rely on digital platforms, the attack surface expands, providing more opportunities for cybercriminals. The COVID-19 pandemic accelerated this trend, with a greater reliance on online services and remote operations, often less secure than traditional systems.
The interconnectedness of global financial markets means that a significant cyber incident in one country can trigger a chain reaction, affecting economies worldwide. The 2017 NotPetya ransomware attack, which targeted operations in Ukraine, led to substantial financial losses and operational disruptions for numerous multinational companies, highlighting the global economy’s vulnerability to cyber threats. These incidents can increase market volatility and hinder economic growth.
The long-term implications of cyberattacks in hybrid warfare include sustained economic damage, increased costs for cybersecurity measures, and shifts in investment patterns. Businesses may need to divert resources from growth and innovation to bolster cybersecurity. At the same time, countries may face prolonged economic instability, reducing their competitiveness in the global market as they recover from such incidents.
The Usual Suspects
If one goes by the quantum of data available from Western sources, it would lead us to conclude that Russia is at the forefront of employing hybrid warfare tactics, particularly through its cyber capabilities. The Kremlin has been accused of orchestrating cyber-attacks against various nations, including the United States and several European countries, to influence elections and undermine democratic processes. The alleged interference in the 2016 U.S. presidential election is a prominent example where Russian operatives reportedly used social media to spread disinformation and create discord among voters. Recently, U.S. media reports indicated that the FBI is investigating Russian efforts to hack both the Trump and Biden-Harris campaigns.
Iran also figures prominently in the West-sponsored 'Rogue's Gallery' of hybrid warfare practioneers. The 2012 cyber-attack on Saudi Aramco, which caused significant damage to the company's infrastructure, exemplifies how cyber capabilities can be used to achieve political objectives and retaliation against much stronger adversaries.
China’s approach to hybrid warfare includes a combination of cyber espionage, economic coercion, and information manipulation. The Chinese government has been implicated in numerous cyber espionage campaigns targeting foreign governments and corporations to steal intellectual property and sensitive information. As per the New York Times (28 Feb 2021), an outage that crippled India's electric grid, bringing the financial hub Mumbai to its knees in October 2020 had Chinese fingerprints. A Study found that Chinese malware was flowing into the control systems that manage electric supply across India, along with a high-voltage transmission substation and a coal-fired power plant, timed to send a message that if India pressed its claims in the Himalayas too hard, the lights could go out across the country.
A Strategic Weapon
Cyber-attacks' ambiguity complicates traditional notions of warfare and deterrence, requiring nations to effectively adapt their defence strategies to counter these multifaceted threats. Nations must invest in robust cybersecurity measures to protect critical infrastructure and sensitive data from cyber-attacks. This includes developing advanced threat detection systems and fostering collaboration between the public and private sectors to share intelligence on emerging threats.
Cyberattacks on critical infrastructure supporting global supply chains, such as ports and logistics networks, can lead to severe disruptions with far-reaching economic consequences. Ransomware attacks on European ports have demonstrated how these disruptions result in delays, increased costs, and inflationary pressures. A striking example is the Port of Los Angeles, which faces an average of 40 million cyberattacks monthly, underscoring the vulnerability of vital economic gateways. When supply chains are compromised, shortages of essential goods can occur, sparking panic and further destabilising the economy.
Assessment
Governments must establish clear legal frameworks to address cyber warfare and hybrid tactics. This involves defining the roles and responsibilities of state and non-state actors in cyberspace and establishing norms for acceptable behaviour.
Hybrid warfare transcends national borders, making international collaboration essential in addressing shared threats. Countries must develop joint strategies for intelligence sharing, cyber defence, and countering disinformation campaigns.
Educating the public about the risks of disinformation and cyber threats is also crucial. Building societal resilience against manipulation and fostering critical thinking can help mitigate the impact of hybrid warfare tactics.
