CommentaryCyberWar

Russia-Ukraine and Israel-Hamas Wars Reveal All [Cyber] Conflicts Are Global

The fusion of traditional hacktivism with actions by nation-states and cybercriminals highlights the global ramifications and complexity of cyber warfare.

During an impassioned public plea in October, President Joe Biden linked the Gaza and Ukraine conflicts, saying each is “vital for America’s national security.” The subsequent funding bill also linked the two and quickly became political, with debates about the connection raging. 

However, while debates continue, cyberspace reflects the two conflicts being intimately linked to broader geopolitical alliances. It also serves as proof of the blurring lines between traditional hacktivism as an ideologically motivated activity and organized nation-state actor attacks. 

Cyber War’s Reach

The wide-reaching effects of cyber war mean that even civilians of countries not directly involved in a war might be impacted.

For instance, in 2020, Israel faced a significant cyber threat targeting critical water infrastructure. For the US, this threat became a reality in 2023. The Iranian CyberAv3ngers group exploited vulnerabilities in US industrial control systems, revealing significant cybersecurity weaknesses in American water utilities.

The nature of modern cyber warfare adds a global aspect to nearly every conflict. Nations must tackle the issue with universally coordinated and revamped tactics able to combat sophisticated nation-states in a truly global digital battlefield.

The Blurring of Lines

The trend of cybercriminals declaring allegiances to nation-states and actively participating in geopolitical conflicts comes as the distinction between hacktivists, cybercriminals, and nation-state actors continues to erode.

Hacktivist groups, such as SiegedSec, have been acting against the West by declaring allegiances to Russia and targeting Israel’s government infrastructure and Shufersal, the country’s largest supermarket chain.

The increasingly complex web of alliances and motives in the cyber realm means that nation-state actors, traditionally associated with espionage, are now engaging in economic crimes. North Korean state actors are this trend’s epitome, being responsible for a quarter of all global cryptocurrency currency thefts.

Meanwhile, Chinese state actors have gone to unprecedented lengths to conduct economic espionage and intellectual property theft. These actors routinely employ deceptive tactics, blurring lines to purposely obfuscate state-actor status, disguising their espionage activities as cryptojacking malware campaigns to hide their true objectives.  

These alliances’ evolving dynamics highlight the need for a comprehensive and adaptive approach to cybersecurity.

People's Liberation Army
China’s People’s Liberation Army soldiers. Photo: AFP

Disinformation Goes Beyond Misleading Online Memes 

Disinformation tactics, fueled by false information and propaganda, are significantly amplified in ongoing global conflicts, courtesy of the cyber domain. 

Threat actors aim to influence understanding of the conflict, either by obstructing access to credible sources or sowing confusion. For instance, Elon Musk reinstated X user “Sprinter” with a blue verification badge despite being initially blocked for circulating pro-Russian disinformation. Sprinter went on to spread false information about US-manufactured bombs in Gaza’s Al-Ahli Hospital.

For some, it might be astonishing to learn that this misleading content garnered more attention than an authentic Wall Street Journal report. A highly publicized investigation adds further worries, finding that 75 percent of top misleading tweets during the Israel-Hamas conflict came from verified users.

In some disinformation campaigns, terror is the ultimate aim, not just sowing confusion or winning hearts and minds. In the first days of the Israel-Hamas war, a cyber attack targeted the Israeli Rocket alarm app Red Alert, a vital tool for citizens receiving notifications of incoming rocket attacks. 

AnonGhost, a pro-Palestinian hacktivist group, exploited a vulnerability and issued false alerts, including a baseless claim of a “nuclear bomb.” This calculated and alarming tactic, strategically intertwined with a broader misinformation campaign, aimed to scare the population and undermine the credibility of life-saving alerts to cause further casualties.

Globally, Cyber Warfare Is a No-Brainer

Only the most advanced conventional militaries can project power across the world thanks to dizzyingly complex supply chains, the necessary sophisticated tech, and high costs in both money and manpower.

That reality makes conventional warfare less likely and far more geographically constrained. Cyber warfare is the exact opposite. Less than 5 percent of hackers are caught, and merely 0.3 percent of reported cybercrime complaints are enforced. With state-level sophistication, those numbers are even lower.

The amount of money and valuable intellectual property that can be obtained under the guise of conflict is astounding and more than pays for itself. Not to mention, the barrier to entry is low, costs are low, and aside from a bad case of carpal tunnel syndrome, so is the physical price.

A cyber duty identifier patch is worn by an US Air Force 1st Lt. cyberspace operations officer
A cyber duty identifier patch is worn by a US Air Force 1st Lt. cyberspace operations officer. Photo: Sgt. Matthew Lucibello/US Army

United, Proactive Response

In the relentless battle against cybercrime, a united and proactive response is not just ideal; it is imperative.

Recent initiatives, such as the US-led 40-country coalition against ransom payments, lack the critical preemptive measures needed to effectively disarm criminals. The focus on reporting incidents alone falls short. What’s required is a comprehensive understanding of real-time threats, tighter standards, and a shared intelligence framework. 

Although important, following regulations and achieving certifications lack ongoing relevance. While the Financial Industry Regulatory Authority advocates in-the-moment responses, true relevance demands prioritizing proactive security measures and embracing threat intelligence. 

An agile and intelligence-driven approach, coupled with effective information sharing, enables organizations to thwart cyber threats before they materialize.


Headshot Yochai CoremYochai Corem is the CEO of Cyberint, a leading threat intelligence firm.

He is a seasoned executive and strategic cyber security leader and innovator with over 20 years of experience in driving sales and overall business success for cyber security companies.


The views and opinions expressed here are those of the author and do not necessarily reflect the editorial position of The Defense Post.

The Defense Post aims to publish a wide range of high-quality opinion and analysis from a diverse array of people – do you want to send us yours? Click here to submit an op-ed.

Related Articles

Back to top button