We should expect that conventional motives and intentions will be significantly different as we transition to adversarial wartime cyber-attacks. Cyber-attacks in peacetime versus wartime first and foremost have different tactical or strategic objectives. Intentions of the attackers may no longer focus on exfiltrating data for resale on the black-market. Ransom may not be asked nor offered to decrypt systems when you become locked out by a Ransomware attack. Instead, it is more likely that the attacker will lock you out and throw away the key. In many cases, wartime objectives are intended to weaken or disable the opponent. Therefore, you should expect that the attacker’s primary intention is to disrupt commerce or disable your business entirely. Motives of the attackers are far less likely to be focused on financial gain. This potential shift in motives means that desired impacts may be more aligned with macro-economic impacts, infrastructure disruptions, social unrest, or simply retaliatory in nature. This means that once you are attacked – and you should assume you already are - it is likely your company may be shut down as a result. This approach would otherwise seem reckless in peacetime but may be of greater strategic advantage in wartime.
Why does Russia care about your company? In wartime your company may be targeted simply because it is headquartered or operates in a nation-state that is an adversary in the conflict. Your company may be considered a strategic or tactical objective or just collateral damage of the many cyber campaigns waged during the conflict. Either way, this new domain of warfare has unwillingly conscripted your company onto the frontlines of the battlefield. Therefore, consider changing your defense preparedness approach during wartime to plan for more aggressive objectives and business impacts to your company. Below is a list of potential wartime motives to consider based on the sector you operate within:
If your company has something of value in the conflict, it is subject to theft, misdirection, or misuse. This relates to military or commercial targets that offer a strategic or tactical advantage to the adversary once compromised.
Affects all critical infrastructure sectors including Nuclear Reactors, Materials, and Waste Sector | Defense Industrial Base Sector | Energy Sector
If your company operates critical infrastructure or offers critical social or supply chain services to the country or community, it is subject to disinformation campaigns or disruption. This relates to the stability of the social fabric of society.
Primarily affects Food and Agriculture Sector | Energy Sector | Dams Sector | Emergency Services Sector | Government Facilities Sector | Transportation Sector | Healthcare and Public Health Sector | Commercial Facilities Sector | Water and Waste Systems Sector
If your company provides services that support the health of the economy, it is subject to complete disruption. This is designed to give the adversary and economic advantage as a deterrence or objective of warfare.
Affects all critical infrastructure sectors including Financial Services Sector
If your company directly or indirectly supports the conflict, it is subject to advanced attack patterns that are intended to change the outcomes of a battle or the war. Examples of this might include companies that make components for fighter jets or food or packaging for soldiers.
Primarily affects Critical Manufacturing Sector | Chemical Sector | Transportation Sector | Defense Industrial Base Sector | Energy Sector
If your company is in the business of providing or supporting the technology infrastructure by which these attacks may occur, it is subject to seizure, surveillance, or control. It is less likely that mediums being used to wage cyber warfare campaigns will be destroyed in the process, unless it becomes of a strategic disadvantage to maintain operations. These are the equivalent of bridges used for moving troops, tanks, and supply lines to the adversary and should be considered a primary target in cyber warfare.
Primarily affects Communications Sector | Energy Sector | Information Technology Sector
We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.